WO2016161583A1 - Gprs system key enhancement method, sgsn device, ue, hlr/hss and gprs system - Google Patents

Gprs system key enhancement method, sgsn device, ue, hlr/hss and gprs system Download PDF

Info

Publication number
WO2016161583A1
WO2016161583A1 PCT/CN2015/076118 CN2015076118W WO2016161583A1 WO 2016161583 A1 WO2016161583 A1 WO 2016161583A1 CN 2015076118 W CN2015076118 W CN 2015076118W WO 2016161583 A1 WO2016161583 A1 WO 2016161583A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
integrity
algorithm
encryption
sgsn
Prior art date
Application number
PCT/CN2015/076118
Other languages
French (fr)
Chinese (zh)
Inventor
张丽佳
葛翠丽
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to EP18209789.9A priority Critical patent/EP3518569B1/en
Priority to PCT/CN2015/076118 priority patent/WO2016161583A1/en
Priority to RU2017135480A priority patent/RU2683853C1/en
Priority to BR112017020874-1A priority patent/BR112017020874A2/en
Priority to JP2017552875A priority patent/JP6504630B2/en
Priority to CN201580055450.3A priority patent/CN107079293A/en
Priority to CA2979898A priority patent/CA2979898A1/en
Priority to KR1020177027640A priority patent/KR101929699B1/en
Priority to EP15888140.9A priority patent/EP3258718B1/en
Publication of WO2016161583A1 publication Critical patent/WO2016161583A1/en
Priority to US15/727,027 priority patent/US20180034635A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0827Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving distinctive intermediate devices or communication paths
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/70Services for machine-to-machine communication [M2M] or machine type communication [MTC]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Provided in the present application are a GPRS system key enhancement method, SGSN device, UE, HLR/HSS and GPRS system. The method comprises: receiving, by an SGSN, a request message transmitted by a UE; acquiring, by the SGSN and from an HLR/HSS, an authentication vector comprising a first encryption key and a first integrity key; if the SGSN determines that the UE is a first-type UE, then selecting, for the UE, an encryption algorithm and an integrity algorithm, and transmitting, to the UE, the selected encryption algorithm and integrity algorithm; and calculating, by the SGSN and according to the first encryption key and the first integrity key, a second encryption key and a second integrity key. By adopting an embodiment of the present application, encryption protection and integrity protection can be performed, via the encryption algorithm and the integrity algorithm selected by the SGSN and the second encryption key and the second integrity key, on a communication message between the SGSN and the UE , thus improving communication security of the first-type UE in a GPRS network.

Description

一种GPRS系统密钥增强的方法、SGSN设备、UE、HLR/HSS及GPRS系统Method for key enhancement of GPRS system, SGSN equipment, UE, HLR/HSS and GPRS system 技术领域Technical field
本申请涉及通信安全领域,尤其涉及一种GPRS系统密钥增强的方法、SGSN设备、UE、HLR/HSS及GPRS系统。The present application relates to the field of communication security, and in particular, to a method for key enhancement of a GPRS system, an SGSN device, a UE, an HLR/HSS, and a GPRS system.
背景技术Background technique
为实现数据传输功能,用户设备(User Equipment,UE)一般通过用户识别模块(SIM,Subscriber Identity Module)或全球用户识别模块(USIM,Universal Subscriber Identity Module)来接入运营商的移动通信网络,如通用分组无线服务(GPRS,General Packet Radio Service)网络,从而与其他UE、人或移动网络进行通信。为了保证UE通信的安全,在UE接入移动通信网络之前,通常需要进行网络侧和UE之间的鉴权,以保证网络侧和UE的合法性,并生成机密性密钥和完整性密钥,从而为通信消息提供机密性保护和完整性保护。然而现有技术中,当使用SIM的UE接入GPRS网络时,只能实现网络侧对UE的单向鉴权,以及对通信消息进行加密性保护,无法实现UE对网络侧的鉴权和对通信消息的完整性保护。当使用USIM的UE接入GPRS网络,可以实现网络侧和UE之间的双向认证,但仍然仅能对通信消息进行加密性保护,无法为通信消息提供完整性保护。存在的安全威胁如下:一方面,若UE无法对来自网络侧的消息进行认证,可能会使UE遭受假基站的攻击;另一方面,若通信消息无法得到完整性保护,UE和网络侧之间的通信可能遭受算法降级攻击,甚至存在通信内容被窃听或篡改等安全隐患。对于一些物联网UE、机器通信UE等要求高安全性通信的UE来说,亟需提供一种方法,增强此类UE在GPRS网络中通信的安全性。In order to implement the data transmission function, the user equipment (User Equipment, UE) is generally connected to the operator's mobile communication network through a Subscriber Identity Module (SIM) or a Universal Subscriber Identity Module (USIM). A General Packet Radio Service (GPRS) network to communicate with other UEs, people, or mobile networks. In order to ensure the security of the UE communication, before the UE accesses the mobile communication network, authentication between the network side and the UE is usually required to ensure the legality of the network side and the UE, and generate a confidentiality key and an integrity key. To provide confidentiality protection and integrity protection for communication messages. However, in the prior art, when the UE using the SIM accesses the GPRS network, only one-way authentication of the UE by the network side and cryptographic protection of the communication message can be implemented, and the UE can not authenticate the network side and the pair. Integrity protection of communication messages. When the UE using the USIM accesses the GPRS network, the two-way authentication between the network side and the UE can be implemented, but the communication message can only be encrypted and cannot provide integrity protection for the communication message. The security threats are as follows: On the one hand, if the UE cannot authenticate the message from the network side, the UE may be attacked by the fake base station; on the other hand, if the communication message cannot be integrity protected, between the UE and the network side The communication may suffer from algorithm downgrade attacks, and even security risks such as eavesdropping or tampering of the communication content. For some UEs that require high-security communication, such as IoT UEs, machine communication UEs, etc., it is urgent to provide a method to enhance the security of such UEs in the GPRS network.
发明内容Summary of the invention
本申请实施例公开了一种GPRS系统密钥增强的方法、SGSN设备、UE、HLR/HSS及GPRS系统,可增强GPRS系统的密钥,提高第一类型UE在GPRS 网络中通信的安全性。The embodiment of the present application discloses a GPRS system key enhancement method, an SGSN device, a UE, an HLR/HSS, and a GPRS system, which can enhance a key of a GPRS system and improve a first type of UE in GPRS. The security of communication in the network.
本申请实施例第一方面公开了一种GPRS系统密钥增强的方法,可包括:The first aspect of the embodiment of the present application discloses a method for key enhancement of a GPRS system, which may include:
SGSN接收UE发送的请求消息;Receiving, by the SGSN, a request message sent by the UE;
所述SGSN从HLR/HSS获取认证向量,所述认证向量包含第一加密密钥和第一完整性密钥;The SGSN obtains an authentication vector from the HLR/HSS, where the authentication vector includes a first encryption key and a first integrity key;
若所述SGSN确定所述UE为第一类型UE,则为所述UE选择一种加密算法和一种完整性算法,并将所选择的加密算法和完整性算法发送给所述UE;If the SGSN determines that the UE is a first type of UE, select an encryption algorithm and an integrity algorithm for the UE, and send the selected encryption algorithm and integrity algorithm to the UE;
所述SGSN根据所述第一加密密钥和所述第一完整性密钥,获得第二加密密钥和第二完整性密钥;The SGSN obtains a second encryption key and a second integrity key according to the first encryption key and the first integrity key;
其中,所述第二加密密钥和所选择的加密算法用于对所述SGSN和所述UE之间传输的消息进行机密性保护,所述第二完整性密钥和所选择的完整性算法用于对所述SGSN和所述UE之间传输的消息进行完整性保护。The second encryption key and the selected encryption algorithm are used to perform confidentiality protection on a message transmitted between the SGSN and the UE, the second integrity key and the selected integrity algorithm. And used for integrity protection of messages transmitted between the SGSN and the UE.
结合第一方面,在第一种可能的实现方式中,所述请求消息中包含所述UE的标识,所述SGSN确定所述UE为第一类型UE包括:With reference to the first aspect, in a first possible implementation, the request message includes an identifier of the UE, and the SGSN determines that the UE is a first type of UE, including:
所述SGSN将所述UE的标识发送给所述HLR/HSS,以使所述HLR/HSS根据所述UE的标识确定所述UE为第一类型UE,并向所述SGSN发送UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE;Sending, by the SGSN, the identifier of the UE to the HLR/HSS, so that the HLR/HSS determines that the UE is a first type of UE according to the identifier of the UE, and sends the UE type indication information to the SGSN. The UE type indication information is used to indicate that the UE is a first type UE;
所述SGSN接收所述HLR/HSS发送的所述UE类型指示信息,确定所述UE为第一类型UE。The SGSN receives the UE type indication information sent by the HLR/HSS, and determines that the UE is a first type of UE.
结合第一方面,在第二种可能的实现方式中,所述SGSN确定所述UE为第一类型UE,包括:With reference to the first aspect, in a second possible implementation manner, the SGSN determines that the UE is a first type of UE, including:
若所述请求消息包含UE类型指示信息,则所述SGSN确定所述UE为第一类型UE,其中所述UE类型指示信息用于指示所述UE为第一类型UE。If the request message includes the UE type indication information, the SGSN determines that the UE is a first type of UE, where the UE type indication information is used to indicate that the UE is a first type of UE.
结合第一方面及第一方面的第一至第二种可能的实现方式中任一项,在第三种可能的实现方式中,所述SGSN根据所述第一加密密钥和所述第一完整性密钥,获得第二加密密钥和第二完整性密钥,包括:With reference to the first aspect, and any one of the first to the second possible implementation manners of the first aspect, in a third possible implementation, the SGSN is configured according to the first encryption key and the first The integrity key, obtaining the second encryption key and the second integrity key, including:
所述SGSN根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述SGSN根据所述中间密钥和加密特征字符串,计算所述第二加密密钥;所述SGSN根据所述中间密钥和完整性特征字符串,计算所述第二完整性密 钥;或者,The SGSN calculates an intermediate key according to the first encryption key and the first integrity key; the SGSN calculates the second encryption key according to the intermediate key and the encryption feature string; The SGSN calculates the second integrity key according to the intermediate key and the integrity feature string Key; or,
所述SGSN根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述SGSN根据所述中间密钥、第一算法类型指示和所选择的加密算法的标识,计算所述第二加密密钥;所述SGSN根据所述中间密钥、第二算法类型指示和所选择的完整性算法的标识,计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同。The SGSN calculates an intermediate key according to the first encryption key and the first integrity key; the SGSN is configured according to the intermediate key, the first algorithm type indication, and the identifier of the selected encryption algorithm, Computing the second encryption key; the SGSN calculates the second integrity key according to the intermediate key, a second algorithm type indication, and an identifier of the selected integrity algorithm, where the first algorithm The type indication and the value indicated by the second algorithm type are different.
结合第一方面及第一方面的第一至第二种可能的实现方式中任一项,在第四种可能的实现方式中,所述SGSN根据所述认证向量中的第一加密密钥和第一完整性密钥计算第二加密密钥和第二完整性密钥,包括:With reference to the first aspect, and any one of the first to the second possible implementation manners of the first aspect, in a fourth possible implementation, the SGSN is configured according to a first encryption key in the authentication vector The first integrity key calculates the second encryption key and the second integrity key, including:
所述SGSN根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述SGSN将所述中间密钥的第一预设比特位作为所述第二加密密钥,将所述中间密钥的第二预设比特位作为所述第二完整性密钥;或者,The SGSN calculates an intermediate key according to the first encryption key and the first integrity key; the SGSN uses a first preset bit of the intermediate key as the second encryption key And using the second preset bit of the intermediate key as the second integrity key; or
所述SGSN根据所述第一加密密钥、第一算法类型指示和所选择的加密算法的标识计算第二加密密钥;所述SGSN根据所述第一完整性密钥、第二算法类型指示和所选择的完整性算法的标识计算第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同;或者,The SGSN calculates a second encryption key according to the first encryption key, the first algorithm type indication, and the identifier of the selected encryption algorithm; the SGSN is instructed according to the first integrity key and the second algorithm type And calculating, by the identifier of the selected integrity algorithm, a second integrity key, where the first algorithm type indication is different from the value indicated by the second algorithm type; or
所述SGSN将所述第一加密密钥或者所述第一加密密钥的预设比特位作为所述第二加密密钥;所述SGSN将所述第一完整性密钥或者所述第一完整性密钥的预设比特位作为所述第二完整性密钥。The SGSN uses the first encryption key or a preset bit of the first encryption key as the second encryption key; the SGSN sets the first integrity key or the first The preset bit of the integrity key is used as the second integrity key.
结合第一方面及第一方面的第三至第四种可能的实现方式中任一项,在第五种可能的实现方式中,With reference to the first aspect, and any one of the third to fourth possible implementation manners of the first aspect, in a fifth possible implementation manner,
所述认证向量为认证向量五元组;The authentication vector is an authentication vector quintuple;
所述第一加密密钥为所述认证向量五元组中的的加密密钥CK,所述第一完整性密钥为所述认证向量五元组中的完整性密钥IK。The first encryption key is an encryption key CK in the authentication vector quintuple, and the first integrity key is an integrity key IK in the authentication vector quintuple.
结合第一方面的第五种可能的实现方式,在第六种可能的实现方式中,所述中间密钥为64位GPRS加密密钥Kc或128位加密密钥Kc128。In conjunction with the fifth possible implementation of the first aspect, in a sixth possible implementation, the intermediate key is a 64-bit GPRS encryption key Kc or a 128-bit encryption key Kc128.
本申请实施例第二方面公开了一种GPRS系统密钥增强的方法,可包括:The second aspect of the embodiment of the present application discloses a method for key enhancement of a GPRS system, which may include:
UE向SGSN发送请求消息;The UE sends a request message to the SGSN;
所述UE接收所述SGSN发送的加密算法和完整性算法; Receiving, by the UE, an encryption algorithm and an integrity algorithm sent by the SGSN;
所述UE根据第一加密密钥和第一完整性密钥,获取第二加密密钥和第二完整性密钥;Obtaining, by the UE, the second encryption key and the second integrity key according to the first encryption key and the first integrity key;
其中,所述第二加密密钥和所述加密算法用于对所述SGSN和所述UE之间传输的消息进行机密性保护,所述第二完整性密钥和所述完整性算法用于对所述SGSN和所述UE之间传输的消息进行完整性保护。The second encryption key and the encryption algorithm are used to perform confidentiality protection on a message transmitted between the SGSN and the UE, where the second integrity key and the integrity algorithm are used. Performing integrity protection on messages transmitted between the SGSN and the UE.
结合第二方面,在第一种可能的实现方式中,所述UE向所述SGSN发送的请求消息中包含UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE。With reference to the second aspect, in a first possible implementation, the request message sent by the UE to the SGSN includes UE type indication information, where the UE type indication information is used to indicate that the UE is a first type of UE. .
结合第二方面,在第一种可能的实现方式中,所述UE根据第一加密密钥和第一完整性密钥,获取第二加密密钥和第二完整性密钥,包括:With reference to the second aspect, in a first possible implementation manner, the UE acquires the second encryption key and the second integrity key according to the first encryption key and the first integrity key, including:
所述UE根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述UE根据所述中间密钥和加密特征字符串,计算所述第二加密密钥;所述UE根据所述中间密钥和完整性特征字符串,计算所述第二完整性密钥;或者,The UE calculates an intermediate key according to the first encryption key and the first integrity key; the UE calculates the second encryption key according to the intermediate key and the encryption feature string; The UE calculates the second integrity key according to the intermediate key and the integrity feature string; or
所述UE根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述UE根据所述中间密钥、第一算法类型指示和所述加密算法的标识,计算所述第二加密密钥;所述UE根据所述中间密钥、第二算法类型指示和所述完整性算法的标识,计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同。The UE calculates an intermediate key according to the first encryption key and the first integrity key; the UE calculates according to the intermediate key, the first algorithm type indication, and the identifier of the encryption algorithm. The second encryption key; the UE calculates the second integrity key according to the intermediate key, the second algorithm type indication, and the identifier of the integrity algorithm, where the first algorithm type indication The value indicated by the second algorithm type is different.
结合第二方面及第二方面的第一种可能的实现方式中任一项,在第二种可能的实现方式中,所述UE根据第一加密密钥和第一完整性密钥,获取第二加密密钥和第二完整性密钥,包括:With reference to the second aspect, and any one of the first possible implementation manners of the second aspect, in a second possible implementation manner, the UE obtains the first information according to the first encryption key and the first integrity key. The second encryption key and the second integrity key, including:
所述UE根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述UE将所述中间密钥的第一预设比特位作为第二加密密钥,将所述中间密钥的第二预设比特位作为第二完整性密钥。The UE calculates an intermediate key according to the first encryption key and the first integrity key; the UE uses the first preset bit of the intermediate key as a second encryption key, and The second preset bit of the intermediate key is used as the second integrity key.
结合第二方面及第二方面的第一种可能的实现方式中任一项,在第三种可能的实现方式中,所述UE根据第一加密密钥和第一完整性密钥计算第二加密密钥和第二完整性密钥,包括:With reference to the second aspect, and the first possible implementation manner of the second aspect, in a third possible implementation, the UE calculates a second according to the first encryption key and the first integrity key. The encryption key and the second integrity key, including:
所述UE根据所述第一加密密钥和所述第一完整性密钥计算中间密钥;所述UE将所述中间密钥的第一预设比特位作为所述第二加密密钥,将所述中间 密钥的第二预设比特位作为所述第二完整性密钥;或者,The UE calculates an intermediate key according to the first encryption key and the first integrity key; the UE uses a first preset bit of the intermediate key as the second encryption key, Will be in the middle a second preset bit of the key as the second integrity key; or
所述UE根据所述第一加密密钥、第一算法类型指示和所述加密算法的标识计算所述第二加密密钥;所述UE根据第一完整性密钥、算法类型指示和所述完整性算法的标识计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同;或者,The UE calculates the second encryption key according to the first encryption key, the first algorithm type indication, and the identifier of the encryption algorithm; the UE according to the first integrity key, the algorithm type indication, and the The identifier of the integrity algorithm calculates the second integrity key, wherein the first algorithm type indication and the second algorithm type indicate different values; or
所述UE将所述第一加密密钥或者所述第一加密密钥的预设比特位作为所述第二加密密钥;所述UE将所述第一完整性密钥或者所述第一完整性密钥的预设比特位作为所述第二完整性密钥。The UE uses the first encryption key or a preset bit of the first encryption key as the second encryption key; the UE will use the first integrity key or the first The preset bit of the integrity key is used as the second integrity key.
结合第二方面的第二至第三种可能的实现方式中任一项,在第四种可能的实现方式中,所述第一加密密钥为认证向量五元组中的加密密钥CK,所述第一完整性密钥为所述认证向量五元组中的完整性密钥IK。With reference to any one of the second to third possible implementation manners of the second aspect, in a fourth possible implementation, the first encryption key is an encryption key CK in the authentication vector quintuple. The first integrity key is an integrity key IK in the authentication vector quintuple.
结合第二方面的第四种可能的实现方式,在第五种可能的实现方式中,所述中间密钥为64位GPRS加密密钥Kc或128位加密密钥Kc128。In conjunction with the fourth possible implementation of the second aspect, in a fifth possible implementation, the intermediate key is a 64-bit GPRS encryption key Kc or a 128-bit encryption key Kc128.
本申请第三方面公开了一种GPRS系统密钥增强的方法,可包括:The third aspect of the present application discloses a method for key enhancement of a GPRS system, which may include:
HLR/HSS接收SGSN发送的用户设备UE的标识;The HLR/HSS receives the identifier of the user equipment UE sent by the SGSN;
所述HLR/HSS根据所述UE的标识确定所述UE为第一类型UE;Determining, by the HLR/HSS, that the UE is a first type UE according to the identifier of the UE;
所述HLR/HSS向所述SGSN发送UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE。The HLR/HSS sends the UE type indication information to the SGSN, where the UE type indication information is used to indicate that the UE is a first type of UE.
本申请第四方面公开了一种SGSN设备,可包括:The fourth aspect of the present application discloses an SGSN device, which may include:
接收模块,用于接收UE发送的请求消息;a receiving module, configured to receive a request message sent by the UE;
获取模块,用于从HLR/HSS获取认证向量,所述认证向量包含第一加密密钥和第一完整性密钥;An obtaining module, configured to acquire an authentication vector from the HLR/HSS, where the authentication vector includes a first encryption key and a first integrity key;
选择模块,用于在所述SGSN确定所述UE为第一类型UE时,为所述UE选择一种加密算法和一种完整性算法,并将所选择的加密算法和完整性算法发送给所述UE;a selecting module, configured to: when the SGSN determines that the UE is a first type of UE, select an encryption algorithm and an integrity algorithm for the UE, and send the selected encryption algorithm and integrity algorithm to the Said UE;
获得模块,用于根据所述第一加密密钥和所述第一完整性密钥,获得第二加密密钥和第二完整性密钥;Obtaining a module, configured to obtain a second encryption key and a second integrity key according to the first encryption key and the first integrity key;
其中,所述第二加密密钥和所选择的加密算法用于对所述SGSN和所述UE之间传输的消息进行机密性保护,所述第二完整性密钥和所选择的完整性 算法用于对所述SGSN和所述UE之间传输的消息进行完整性保护。The second encryption key and the selected encryption algorithm are used to perform confidentiality protection on a message transmitted between the SGSN and the UE, the second integrity key and the selected integrity. The algorithm is configured to perform integrity protection on a message transmitted between the SGSN and the UE.
结合第四方面,在第一种可能的实现方式中,所述请求消息中包含所述UE的标识,所述SGSN设备还包括:With reference to the fourth aspect, in a first possible implementation, the request message includes an identifier of the UE, and the SGSN device further includes:
发送模块,用于将所述UE的标识发送给HLR/HSS,以使所述HLR/HSS根据所述UE的标识判断所述UE是否为第一类型UE,并向所述SGSN发送UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE;a sending module, configured to send the identifier of the UE to the HLR/HSS, so that the HLR/HSS determines, according to the identifier of the UE, whether the UE is a first type UE, and sends a UE type indication to the SGSN. Information, the UE type indication information is used to indicate that the UE is a first type UE;
第一确定模块,用于接收所述HLR/HSS发送的所述UE类型指示信息,确定所述UE为第一类型UE。The first determining module is configured to receive the UE type indication information that is sent by the HLR/HSS, and determine that the UE is a first type of UE.
结合第四方面,在第二种可能的实现方式中,所述SGSN设备还包括:With reference to the fourth aspect, in a second possible implementation manner, the SGSN device further includes:
第二确定模块,用于在所述请求消息包含UE类型指示信息时,确定所述UE为第一类型UE,其中,所述UE类型指示信息用于指示所述UE为第一类型UE。And a second determining module, configured to: when the request message includes the UE type indication information, determine that the UE is a first type of UE, where the UE type indication information is used to indicate that the UE is a first type of UE.
结合第四方面及第四方面的第一至第二种可能的实现方式中任一项,在第三种可能的实现方式中,所述获得模块包括第一计算单元、第二计算单元和第三计算单元,其中:With reference to the fourth aspect, and any one of the first to the second possible implementation manners of the fourth aspect, in a third possible implementation, the obtaining module includes a first calculating unit, a second calculating unit, and a Three computing units, where:
所述第一计算单元,用于根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述第二计算单元,用于根据所述中间密钥和加密特征字符串,计算所述第二加密密钥;所述第三计算单元,用于根据所述中间密钥和完整性特征字符串,计算所述第二完整性密钥;或者,The first calculating unit is configured to calculate an intermediate key according to the first encryption key and the first integrity key; the second calculating unit is configured to use the intermediate key and the encryption feature The second encryption unit is configured to calculate the second integrity key according to the intermediate key and the integrity feature string; or
所述第一计算单元,用于根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述第二计算单元,用于根据所述中间密钥、第一算法类型指示和所选择的加密算法的标识,计算所述第二加密密钥;所述第三计算单元,用于根据所述中间密钥、第二算法类型指示和所选择的完整性算法的标识,计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同。The first calculating unit is configured to calculate an intermediate key according to the first encryption key and the first integrity key, and the second calculating unit is configured to use, according to the intermediate key, the first An algorithm type indication and an identifier of the selected encryption algorithm, the second encryption key is calculated; the third calculation unit is configured to perform, according to the intermediate key, the second algorithm type indication, and the selected integrity algorithm And identifying, the second integrity key, wherein the first algorithm type indication and the second algorithm type indicate different values.
结合第四方面及第四方面的第一至第二种可能的实现方式中任一项,在第四种可能的实现方式中,With reference to the fourth aspect, and any one of the first to second possible implementation manners of the fourth aspect, in a fourth possible implementation manner,
所述获得模块具体用于:根据所述第一加密密钥和所述第一完整性密钥计算中间密钥;将所述中间密钥的第一预设比特位作为第二加密密钥,将所述中 间密钥的第二预设比特位作为第二完整性密钥;或者,The obtaining module is specifically configured to: calculate an intermediate key according to the first encryption key and the first integrity key; and use a first preset bit of the intermediate key as a second encryption key, Will be in the middle a second preset bit of the inter-key as the second integrity key; or
所述获得模块包括:第四计算单元,用于根据所述第一加密密钥、第一算法类型指示和所选择的加密算法的标识计算所述第二加密密钥;第五计算单元,用于根据所述第一完整性密钥、第二算法类型指示和所选择的完整性算法的标识计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同;或者,The obtaining module includes: a fourth calculating unit, configured to calculate the second encryption key according to the first encryption key, the first algorithm type indication, and the identifier of the selected encryption algorithm; the fifth calculating unit, Calculating the second integrity key according to the first integrity key, the second algorithm type indication, and an identifier of the selected integrity algorithm, wherein the first algorithm type indication and the second algorithm type The values indicated are not the same; or,
所述获得模块具体用于:将所述认证向量中的第一加密密钥或者所述第一加密密钥的预设比特位作为所述第二加密密钥;将所述认证向量中的第一完整性密钥或者所述第一完整性密钥的预设比特位作为所述第二完整性密钥。The obtaining module is specifically configured to: use a first encryption key in the authentication vector or a preset bit of the first encryption key as the second encryption key; An integrity key or a preset bit of the first integrity key is used as the second integrity key.
结合第四方面的第三至第四种可能的实现方式中任一项,在第五种可能的实现方式中,With reference to any one of the third to fourth possible implementation manners of the fourth aspect, in a fifth possible implementation manner,
所述认证向量为认证向量五元组;The authentication vector is an authentication vector quintuple;
所述第一加密密钥为所述认证向量五元组中的的加密密钥CK,所述第一完整性密钥为所述认证向量五元组中的完整性密钥IK。The first encryption key is an encryption key CK in the authentication vector quintuple, and the first integrity key is an integrity key IK in the authentication vector quintuple.
结合第四方面的第五种可能的实现方式,在第六种可能的实现方式中,所述中间密钥为64位GPRS加密密钥Kc或128位加密密钥Kc128。In conjunction with the fifth possible implementation of the fourth aspect, in a sixth possible implementation, the intermediate key is a 64-bit GPRS encryption key Kc or a 128-bit encryption key Kc128.
本申请第五方面公开了一种计算机存储介质,所述计算机存储介质存储有程序,运行所述程序时执行包括如第一方面及第一方面的第一至第六种可能的实现方式中任一项所述的步骤。A fifth aspect of the present application discloses a computer storage medium storing a program, the first to sixth possible implementations including the first aspect and the first aspect are executed when the program is executed One of the steps described.
本申请第六方面提供了一种SGSN设备,可包括接收装置、发送装置和处理器,所述接收装置、所述发送装置和所述处理器通过总线相连,其中:A sixth aspect of the present application provides an SGSN device, which may include a receiving device, a transmitting device, and a processor, where the receiving device, the transmitting device, and the processor are connected by a bus, where:
所述接收装置,用于接收UE发送的请求消息;The receiving device is configured to receive a request message sent by the UE;
所述处理器,用于:The processor is configured to:
从HLR/HSS获取认证向量,所述认证向量包含第一加密密钥和第一完整性密钥;Acquiring an authentication vector from the HLR/HSS, the authentication vector including a first encryption key and a first integrity key;
若所述SGSN确定所述UE为第一类型UE,则为所述UE选择一种加密算法和一种完整性算法;And if the SGSN determines that the UE is a first type of UE, selecting an encryption algorithm and an integrity algorithm for the UE;
根据所述第一加密密钥和所述第一完整性密钥,获得第二加密密钥和第二完整性密钥; Obtaining a second encryption key and a second integrity key according to the first encryption key and the first integrity key;
所述发送装置,用于将所选择的加密算法和完整性算法发送给所述UE;The sending device is configured to send the selected encryption algorithm and integrity algorithm to the UE;
其中,所述第二加密密钥和所选择的加密算法用于对所述SGSN和所述UE之间传输的消息进行机密性保护,所述第二完整性密钥和所选择的完整性算法用于对所述SGSN和所述UE之间传输的消息进行完整性保护。The second encryption key and the selected encryption algorithm are used to perform confidentiality protection on a message transmitted between the SGSN and the UE, the second integrity key and the selected integrity algorithm. And used for integrity protection of messages transmitted between the SGSN and the UE.
结合第六方面,在第一种可能的实现方式中,所述请求消息中包含所述UE的标识;With reference to the sixth aspect, in a first possible implementation, the request message includes an identifier of the UE;
所述发送装置,还用于将所述UE的标识发送给所述HLR/HSS,以使所述HLR/HSS根据所述UE的标识判断所述UE是否为第一类型UE,并向所述SGSN发送UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE;The sending device is further configured to send the identifier of the UE to the HLR/HSS, so that the HLR/HSS determines, according to the identifier of the UE, whether the UE is a first type UE, and The SGSN sends the UE type indication information, where the UE type indication information is used to indicate that the UE is a first type UE;
所述处理器确定所述UE为第一类型UE,包括:所述处理器接收所述HLR/HSS发送的UE类型指示信息,确定所述UE为第一类型UE。Determining, by the processor, that the UE is a first type of UE, the method includes: the processor receiving the UE type indication information sent by the HLR/HSS, and determining that the UE is a first type of UE.
结合第六方面,在第二种可能的实现方式中,所述处理器确定所述UE为第一类型UE,包括:With reference to the sixth aspect, in a second possible implementation manner, the determining, by the processor, that the UE is a first type of UE includes:
若所述请求消息包含UE类型指示信息,则所述处理器确定所述UE为第一类型UE,其中,所述UE类型指示信息用于指示所述UE为第一类型UE。If the request message includes the UE type indication information, the processor determines that the UE is a first type of UE, where the UE type indication information is used to indicate that the UE is a first type of UE.
结合第六方面及第六方面的第一至第二种可能的实现方式中任一项,在第三种可能的实现方式中,所述处理器根据所述第一加密密钥和所述第一完整性密钥,获得第二加密密钥和第二完整性密钥,包括:With reference to the sixth aspect, and any one of the first to the second possible implementation manners of the sixth aspect, in a third possible implementation, the processor, according to the first encryption key and the An integrity key, obtaining a second encryption key and a second integrity key, including:
所述处理器根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述处理器根据所述中间密钥和加密特征字符串,计算所述第二加密密钥;所述处理器根据所述中间密钥和完整性特征字符串,计算所述第二完整性密钥;或者,The processor calculates an intermediate key according to the first encryption key and the first integrity key; the processor calculates the second encryption key according to the intermediate key and the encryption feature string a key; the processor calculates the second integrity key according to the intermediate key and an integrity feature string; or
所述处理器根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述处理器根据所述中间密钥、第一算法类型指示和所选择的加密算法的标识,计算所述第二加密密钥;所述处理器根据所述中间密钥、第二算法类型指示和所选择的完整性算法的标识,计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同。The processor calculates an intermediate key according to the first encryption key and the first integrity key; the processor is configured according to the intermediate key, the first algorithm type indication, and the selected encryption algorithm Identifying, calculating the second encryption key; the processor calculating the second integrity key according to the intermediate key, a second algorithm type indication, and an identifier of the selected integrity algorithm, wherein the The first algorithm type indication and the second algorithm type indicate different values.
结合第六方面及第六方面的第一至第二种可能的实现方式中任一项,在第 四种可能的实现方式中,所述处理器根据所述第一加密密钥和所述第一完整性密钥,获得第二加密密钥和第二完整性密钥,包括:Combining any of the first to second possible implementations of the sixth aspect and the sixth aspect, In a four possible implementation manner, the processor obtains the second encryption key and the second integrity key according to the first encryption key and the first integrity key, including:
所述处理器根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述处理器将所述中间密钥的第一预设比特位作为所述第二加密密钥,将所述中间密钥的第二预设比特位作为所述第二完整性密钥;或者,The processor calculates an intermediate key according to the first encryption key and the first integrity key; the processor uses a first preset bit of the intermediate key as the second encryption a key, the second preset bit of the intermediate key is used as the second integrity key; or
所述处理器根据所述认证向量中的第一加密密钥、第一算法类型指示和所选择的加密算法的标识,计算所述第二加密密钥;所述处理器根据所述认证向量中的第一完整性密钥、第二算法类型指示和所选择的完整性算法的标识计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同;或者,The processor calculates the second encryption key according to the first encryption key, the first algorithm type indication, and the identifier of the selected encryption algorithm in the authentication vector; the processor is according to the authentication vector Calculating the second integrity key by the first integrity key, the second algorithm type indication, and the identifier of the selected integrity algorithm, wherein the first algorithm type indication and the second algorithm type indication are taken Values are not the same; or,
所述处理器将所述第一加密密钥或者所述第一加密密钥的预设比特位作为所述第二加密密钥;所述处理器将所述第一完整性密钥或者所述第一完整性密钥的预设比特位作为所述第二完整性密钥。The processor uses the first encryption key or a preset bit of the first encryption key as the second encryption key; the processor sets the first integrity key or the The preset bit of the first integrity key is used as the second integrity key.
结合第六方面的第三至第四种可能的实现方式中任一项,在第五种可能的实现方式中,With reference to any one of the third to fourth possible implementation manners of the sixth aspect, in a fifth possible implementation manner,
所述认证向量为认证向量五元组;The authentication vector is an authentication vector quintuple;
所述第一加密密钥为所述认证向量五元组中的的加密密钥CK,所述第一完整性密钥为所述认证向量五元组中的完整性密钥IK。The first encryption key is an encryption key CK in the authentication vector quintuple, and the first integrity key is an integrity key IK in the authentication vector quintuple.
结合第六方面的第五种可能的实现方式,在第六种可能的实现方式中,所述中间密钥为64位GPRS加密密钥Kc或128位加密密钥Kc128。In conjunction with the fifth possible implementation of the sixth aspect, in a sixth possible implementation, the intermediate key is a 64-bit GPRS encryption key Kc or a 128-bit encryption key Kc128.
本申请第七方面公开了一种UE,可包括:The seventh aspect of the present application discloses a UE, which may include:
发送模块,用于向SGSN发送请求消息;a sending module, configured to send a request message to the SGSN;
接收模块,用于接收所述SGSN发送的加密算法和完整性算法;a receiving module, configured to receive an encryption algorithm and an integrity algorithm sent by the SGSN;
获取模块,用于根据第一加密密钥和第一完整性密钥,获取第二加密密钥和第二完整性密钥;An acquiring module, configured to acquire a second encryption key and a second integrity key according to the first encryption key and the first integrity key;
其中,所述第二加密密钥和所述加密算法用于对所述SGSN和所述UE之间传输的消息进行机密性保护,所述第二完整性密钥和所述完整性算法用于对所述SGSN和所述UE之间传输的消息进行完整性保护。The second encryption key and the encryption algorithm are used to perform confidentiality protection on a message transmitted between the SGSN and the UE, where the second integrity key and the integrity algorithm are used. Performing integrity protection on messages transmitted between the SGSN and the UE.
结合第七方面,在第一种可能的实现方式中,所述UE向所述SGSN发送 的请求消息中包含UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE。With reference to the seventh aspect, in a first possible implementation, the UE sends the SGSN The request message includes UE type indication information, where the UE type indication information is used to indicate that the UE is a first type of UE.
结合第七方面及第七方面的第一种可能的实现方式中任一项,在第二种可能的实现方式中,所述获取模块包括第一计算单元、第二计算单元和第三计算单元,其中:With reference to the seventh aspect, and the first possible implementation manner of the seventh aspect, in a second possible implementation, the acquiring module includes a first calculating unit, a second calculating unit, and a third calculating unit ,among them:
所述第一计算单元,用于根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述第二计算单元,用于根据所述中间密钥和加密特征字符串,计算所述第二加密密钥;所述第三计算单元,用于根据所述中间密钥和完整性特征字符串,计算所述第二完整性密钥;或者,The first calculating unit is configured to calculate an intermediate key according to the first encryption key and the first integrity key; the second calculating unit is configured to use the intermediate key and the encryption feature The second encryption unit is configured to calculate the second integrity key according to the intermediate key and the integrity feature string; or
所述第一计算单元,用于根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述第二计算单元,用于根据所述中间密钥、第一算法类型指示和所述加密算法的标识,计算所述第二加密密钥;所述第三计算单元,用于根据所述中间密钥、第二算法类型指示和所述完整性算法的标识,计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同。The first calculating unit is configured to calculate an intermediate key according to the first encryption key and the first integrity key, and the second calculating unit is configured to use, according to the intermediate key, the first The algorithm type indication and the identifier of the encryption algorithm, and the second encryption key is calculated; the third calculating unit is configured to use, according to the intermediate key, the second algorithm type indication, and the identifier of the integrity algorithm, Calculating the second integrity key, wherein the first algorithm type indication and the second algorithm type indication value are different.
结合第七方面及第七方面的第一种可能的实现方式中任一项,在第三种可能的实现方式中,With reference to any one of the seventh aspect and the first possible implementation manner of the seventh aspect, in a third possible implementation manner,
所述获取模块具体用于:根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;将所述中间密钥的第一预设比特位作为所述第二加密密钥,将所述中间密钥的第二预设比特位作为所述第二完整性密钥;或者,The acquiring module is specifically configured to: calculate an intermediate key according to the first encryption key and the first integrity key; and use a first preset bit of the intermediate key as the second encryption a key, the second preset bit of the intermediate key is used as the second integrity key; or
所述计算模块包括:第四计算单元,用于根据所述第一加密密钥、第一算法类型指示和所述加密算法的标识计算所述第二加密密钥;第五计算单元,用于根据所述第一完整性密钥、第二算法类型指示和所述完整性算法的标识计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同;或者,The calculation module includes: a fourth calculation unit, configured to calculate the second encryption key according to the first encryption key, the first algorithm type indication, and the identifier of the encryption algorithm; and the fifth calculation unit is configured to: Calculating the second integrity key according to the first integrity key, the second algorithm type indication, and the identifier of the integrity algorithm, wherein the first algorithm type indication and the second algorithm type indication Values are not the same; or,
所述获取模块具体用于:将所述第一加密密钥或者所述第一加密密钥的预设比特位作为所述第二加密密钥;将所述第一完整性密钥或者所述第一完整性密钥的预设比特位作为所述第二完整性密钥。The acquiring module is specifically configured to: use the first encryption key or a preset bit of the first encryption key as the second encryption key; and the first integrity key or the The preset bit of the first integrity key is used as the second integrity key.
结合第七方面的第二至第三种可能的实现方式中任一项,在第四种可能的 实现方式中,所述第一加密密钥为认证向量五元组中的加密密钥CK,所述第一完整性密钥为所述认证向量五元组中的完整性密钥IK。In combination with any of the second to third possible implementations of the seventh aspect, in a fourth possible In an implementation manner, the first encryption key is an encryption key CK in an authentication vector quintuple, and the first integrity key is an integrity key IK in the authentication vector quintuple.
结合第七方面的第四种可能的实现方式,在第五种可能的实现方式中,所述中间密钥为64位GPRS加密密钥Kc或128位加密密钥Kc128。In conjunction with the fourth possible implementation of the seventh aspect, in a fifth possible implementation, the intermediate key is a 64-bit GPRS encryption key Kc or a 128-bit encryption key Kc128.
本申请第八方面公开了一种计算机存储介质,所述计算机存储介质存储有程序,运行所述程序时执行包括如第二方面及第二方面的第一至第五种可能的实现方式中任一项所述的步骤。The eighth aspect of the present application discloses a computer storage medium storing a program, and executing the program includes any of the first to fifth possible implementations of the second aspect and the second aspect. One of the steps described.
本申请第九方面公开了一种UE,可包括发送装置、接收装置和处理器,所述发送装置、所述接收装置和所述处理器通过总线连接,其中:A ninth aspect of the present application discloses a UE, which may include a sending device, a receiving device, and a processor, where the sending device, the receiving device, and the processor are connected by a bus, where:
所述发送装置,用于向SGSN发送请求消息;The sending device is configured to send a request message to the SGSN;
所述接收装置,还用于接收所述SGSN发送的加密算法和完整性算法;The receiving device is further configured to receive an encryption algorithm and an integrity algorithm sent by the SGSN;
所述处理器,用于根据第一加密密钥和第一完整性密钥,获取第二加密密钥和第二完整性密钥;The processor is configured to obtain a second encryption key and a second integrity key according to the first encryption key and the first integrity key;
其中,所述第二加密密钥和所述加密算法用于对所述SGSN和所述UE之间传输的消息进行机密性保护,所述第二完整性密钥和所述完整性算法用于对所述SGSN和所述UE之间传输的消息进行完整性保护。The second encryption key and the encryption algorithm are used to perform confidentiality protection on a message transmitted between the SGSN and the UE, where the second integrity key and the integrity algorithm are used. Performing integrity protection on messages transmitted between the SGSN and the UE.
结合第九方面,在第一种可能的实现方式中,所述发送装置向所述SGSN发送的请求消息中包含UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE。With reference to the ninth aspect, in a first possible implementation, the request message that is sent by the sending device to the SGSN includes UE type indication information, where the UE type indication information is used to indicate that the UE is the first type. UE.
结合第九方面及第九方面的第一种可能的实现方式中任一项,在第二种可能的实现方式中,所述处理器根据第一加密密钥和第一完整性密钥,获取第二加密密钥和第二完整性密钥,包括:With reference to the ninth aspect, and the first possible implementation manner of the ninth aspect, in a second possible implementation, the processor is configured according to the first encryption key and the first integrity key. The second encryption key and the second integrity key include:
所述处理器根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述处理器根据所述中间密钥和加密特征字符串,计算所述第二加密密钥;所述处理器根据所述中间密钥和完整性特征字符串,计算所述第二完整性密钥;或者,The processor calculates an intermediate key according to the first encryption key and the first integrity key; the processor calculates the second encryption key according to the intermediate key and the encryption feature string a key; the processor calculates the second integrity key according to the intermediate key and an integrity feature string; or
所述处理器根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述处理器根据所述中间密钥、第一算法类型指示和所述加密算法的标识,计算所述第二加密密钥;所述处理器根据所述中间密钥、第二算法类型指示和 所述完整性算法的标识,计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同。The processor calculates an intermediate key according to the first encryption key and the first integrity key; the processor is configured according to the intermediate key, a first algorithm type indication, and an identifier of the encryption algorithm Calculating the second encryption key; the processor according to the intermediate key, a second algorithm type indication, and The identifier of the integrity algorithm calculates the second integrity key, wherein the first algorithm type indication and the second algorithm type indicate different values.
结合第九方面及第九方面的第一种可能的实现方式中任一项,在第三种可能的实现方式中,所述处理器根据第一加密密钥和第一完整性密钥,获取第二加密密钥和第二完整性密钥,包括:With reference to the ninth aspect, and the first possible implementation manner of the ninth aspect, in a third possible implementation, the processor is configured according to the first encryption key and the first integrity key. The second encryption key and the second integrity key include:
所述处理器根据所述第一加密密钥和所述第一完整性密钥计算中间密钥;所述处理器将所述中间密钥的第一预设比特位作为所述第二加密密钥,将所述中间密钥的第二预设比特位作为所述第二完整性密钥;或者,The processor calculates an intermediate key according to the first encryption key and the first integrity key; the processor uses a first preset bit of the intermediate key as the second encryption key Key, the second preset bit of the intermediate key is used as the second integrity key; or
所述处理器根据所述第一加密密钥、第一算法类型指示和所述加密算法的标识计算所述第二加密密钥;所述处理器根据所述第一完整性密钥、第二算法类型指示和所述完整性算法的标识计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同;或者,The processor calculates the second encryption key according to the first encryption key, the first algorithm type indication, and the identifier of the encryption algorithm; the processor is configured according to the first integrity key, the second The algorithm type indication and the identifier of the integrity algorithm calculate the second integrity key, where the first algorithm type indication and the second algorithm type indicate different values; or
所述处理器将所述第一加密密钥或者所述第一加密密钥的预设比特位作为所述第二加密密钥;所述处理器将所述第一完整性密钥或者所述第一完整性密钥的预设比特位作为所述第二完整性密钥。The processor uses the first encryption key or a preset bit of the first encryption key as the second encryption key; the processor sets the first integrity key or the The preset bit of the first integrity key is used as the second integrity key.
结合第九方面的第二至第三种可能的实现方式中任一项,在第四种可能的实现方式中,所述第一加密密钥为认证向量五元组中的加密密钥CK,所述第一完整性密钥为所述认证向量五元组中的完整性密钥IK。With reference to any one of the second to third possible implementation manners of the ninth aspect, in a fourth possible implementation, the first encryption key is an encryption key CK in the authentication vector quintuple. The first integrity key is an integrity key IK in the authentication vector quintuple.
结合第九方面的第四种可能的实现方式,在第五种可能的实现方式中,所述中间密钥为64位GPRS加密密钥Kc或128位加密密钥Kc128。In conjunction with the fourth possible implementation of the ninth aspect, in a fifth possible implementation, the intermediate key is a 64-bit GPRS encryption key Kc or a 128-bit encryption key Kc128.
本申请第十方面公开了一种HLR/HSS,可包括:The tenth aspect of the present application discloses an HLR/HSS, which may include:
接收模块,用于接收服务GPRS支持节点SGSN发送的用户设备UE的标识;a receiving module, configured to receive an identifier of the user equipment UE sent by the serving GPRS support node SGSN;
确定模块,用于根据所述UE的标识确定所述UE为第一类型UE;a determining module, configured to determine, according to the identifier of the UE, that the UE is a first type UE;
发送模块,用于向所述SGSN发送UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE。And a sending module, configured to send the UE type indication information to the SGSN, where the UE type indication information is used to indicate that the UE is a first type of UE.
本申请第十一方面公开了一种计算机存储介质,所述计算机存储介质存储有程序,运行所述程序时执行包括如本申请第三方面所述的步骤。An eleventh aspect of the present application discloses a computer storage medium storing a program that, when executed, includes the steps as described in the third aspect of the present application.
本申请第十二方面公开了一种HLR/HSS,可包括发送装置、接收装置和 处理器,所述发送装置、所述接收装置和所述处理器通过总线连接,其中:A twelfth aspect of the present application discloses an HLR/HSS, which may include a transmitting device, a receiving device, and a processor, the transmitting device, the receiving device, and the processor are connected by a bus, wherein:
所述接收装置,用于接收服务GPRS支持节点SGSN发送的用户设备UE的标识;The receiving device is configured to receive an identifier of the user equipment UE that is sent by the serving GPRS support node SGSN;
所述处理器,用于根据所述UE的标识确定所述UE为第一类型UE;The processor is configured to determine, according to the identifier of the UE, that the UE is a first type UE;
所述发送装置,用于向所述SGSN发送UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE。The sending device is configured to send the UE type indication information to the SGSN, where the UE type indication information is used to indicate that the UE is a first type UE.
本申请第十三方面公开了一种GPRS系统,所述GPRS系统包括服务GPRS支持节点SGSN设备、用户设备UE和归属位置寄存器HLR/归属签约系统HSS,其中:A thirteenth aspect of the present application discloses a GPRS system, which includes a serving GPRS support node SGSN device, a user equipment UE, and a home location register HLR/home subscription system HSS, wherein:
所述SGSN设备用于:接收UE发送的请求消息,从HLR/HSS获取认证向量,所述认证向量包含第一加密密钥和第一完整性密钥,若所述SGSN确定所述UE为第一类型UE,则为所述UE选择一种加密算法和一种完整性算法,将所选择的加密算法和完整性算法发送给所述UE,并根据所述第一加密密钥和所述第一完整性密钥,获得第二加密密钥和第二完整性密钥;The SGSN device is configured to: receive a request message sent by the UE, and obtain an authentication vector from the HLR/HSS, where the authentication vector includes a first encryption key and a first integrity key, if the SGSN determines that the UE is the first a type of UE, selecting an encryption algorithm and an integrity algorithm for the UE, sending the selected encryption algorithm and integrity algorithm to the UE, and according to the first encryption key and the first An integrity key, obtaining a second encryption key and a second integrity key;
所述UE用于:向SGSN发送请求消息,接收所述SGSN发送的加密算法和完整性算法,并根据所述第一加密密钥和所述第一完整性密钥,获取所述第二加密密钥和所述第二完整性密钥;The UE is configured to: send a request message to the SGSN, receive an encryption algorithm and an integrity algorithm sent by the SGSN, and acquire the second encryption according to the first encryption key and the first integrity key. a key and the second integrity key;
其中,所述第二加密密钥和所述加密算法用于对所述SGSN和所述UE之间传输的消息进行机密性保护,所述第二完整性密钥和所述完整性算法用于对所述SGSN和所述UE之间传输的消息进行完整性保护。The second encryption key and the encryption algorithm are used to perform confidentiality protection on a message transmitted between the SGSN and the UE, where the second integrity key and the integrity algorithm are used. Performing integrity protection on messages transmitted between the SGSN and the UE.
结合第十三方面,在第一种可能的实现方式中,所述HLR/HSS用于:In conjunction with the thirteenth aspect, in a first possible implementation, the HLR/HSS is used to:
接收所述SGSN发送的所述UE的标识;Receiving an identifier of the UE sent by the SGSN;
根据所述UE的标识确定所述UE为第一类型UE;Determining, according to the identifier of the UE, that the UE is a first type UE;
向所述SGSN发送UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE。Sending UE type indication information to the SGSN, where the UE type indication information is used to indicate that the UE is a first type of UE.
本申请实施例中,SGSN接收UE发送的请求消息,在确定UE为第一类型UE后,选择一种加密算法和一种完整性算法,从HLR/HSS获取认证向量,根据认证向量中包含的第一加密密钥和第一完整性密钥,获得增强的第二加密密钥和第二完整性密钥,并将所选择的加密算法和完整性算法发送给UE,使 UE在计算第二加密密钥和第二完整性密钥之后,SGSN和UE双方可通过第二加密密钥、第二完整性密钥、SGSN选择的加密算法和完整性算法来对SGSN和UE之间的通信消息进行加密保护和完整性保护,增强第一类型UE在GPRS网络中通信的安全性。In the embodiment of the present application, the SGSN receives the request message sent by the UE, and after determining that the UE is the first type of UE, selects an encryption algorithm and an integrity algorithm, and obtains an authentication vector from the HLR/HSS, according to the authentication vector. a first encryption key and a first integrity key, obtaining an enhanced second encryption key and a second integrity key, and transmitting the selected encryption algorithm and integrity algorithm to the UE, so that After calculating the second encryption key and the second integrity key, the SGSN and the UE may use the second encryption key, the second integrity key, the encryption algorithm selected by the SGSN, and the integrity algorithm to the SGSN and the UE. The communication message between the two performs encryption protection and integrity protection, and enhances the security of communication of the first type UE in the GPRS network.
附图说明DRAWINGS
为了更清楚地说明本申请中的技术方案,下面将对实施例中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本申请的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the present application, the drawings to be used in the embodiments will be briefly described below. Obviously, the drawings in the following description are only some embodiments of the present application, For ordinary technicians, other drawings can be obtained based on these drawings without paying for creative labor.
图1是本申请提供的GPRS系统密钥增强的方法的一实施例的流程示意图;1 is a schematic flow chart of an embodiment of a method for key enhancement of a GPRS system provided by the present application;
图2是本申请提供的GPRS系统密钥增强的方法的另一实施例的流程示意图;2 is a schematic flowchart diagram of another embodiment of a method for key enhancement of a GPRS system provided by the present application;
图3是本申请提供的GPRS系统密钥增强的方法的又一实施例的流程示意图;3 is a schematic flowchart diagram of still another embodiment of a method for key enhancement of a GPRS system provided by the present application;
图4是本申请提供的GPRS系统密钥增强的方法的又一实施例的流程示意图;4 is a schematic flowchart diagram of still another embodiment of a method for key enhancement of a GPRS system provided by the present application;
图5是本申请提供的GPRS系统密钥增强的方法的又一实施例的流程示意图;FIG. 5 is a schematic flowchart diagram of still another embodiment of a method for key enhancement of a GPRS system provided by the present application; FIG.
图6是本申请提供的GPRS系统密钥增强的方法的又一实施例的流程示意图;6 is a schematic flowchart diagram of still another embodiment of a method for key enhancement of a GPRS system provided by the present application;
图7是本申请提供的GPRS系统密钥增强的方法的又一实施例的流程示意图;7 is a schematic flowchart diagram of still another embodiment of a method for key enhancement of a GPRS system provided by the present application;
图8是本申请提供的GPRS系统密钥增强的方法的又一实施例的流程示意图;FIG. 8 is a schematic flowchart diagram of still another embodiment of a method for key enhancement of a GPRS system provided by the present application; FIG.
图9是本申请提供的GPRS系统密钥增强的方法的又一实施例的流程示意图;9 is a schematic flowchart diagram of still another embodiment of a method for key enhancement of a GPRS system provided by the present application;
图10是本申请提供的GPRS系统密钥增强的方法的又一实施例的流程示 意图;10 is a flow chart showing still another embodiment of a method for key enhancement of a GPRS system provided by the present application. intention;
图11是本申请提供的GPRS系统密钥增强的方法的又一实施例的流程示意图;11 is a schematic flowchart diagram of still another embodiment of a method for key enhancement of a GPRS system provided by the present application;
图12是本申请提供的GPRS系统密钥增强的方法的又一实施例的流程示意图;12 is a schematic flowchart diagram of still another embodiment of a method for key enhancement of a GPRS system provided by the present application;
图13是本申请提供的SGSN设备的一实施例的结构示意图;FIG. 13 is a schematic structural diagram of an embodiment of an SGSN device provided by the present application; FIG.
图14是本申请提供的SGSN设备中获得模块的一实施例的结构示意图;14 is a schematic structural diagram of an embodiment of an obtaining module in an SGSN device provided by the present application;
图15是本申请提供的SGSN设备中获得模块的另一实施例的结构示意图;15 is a schematic structural diagram of another embodiment of an obtaining module in an SGSN device provided by the present application;
图16是本申请提供的SGSN设备的另一实施例的结构示意图;16 is a schematic structural diagram of another embodiment of an SGSN device provided by the present application;
图17是本申请提供的UE的一实施例的结构示意图;17 is a schematic structural diagram of an embodiment of a UE provided by the present application;
图18是本申请提供的UE中获取模块的一实施例的结构示意图;FIG. 18 is a schematic structural diagram of an embodiment of an acquiring module in a UE provided by the present application;
图19是本申请提供的UE中获取模块的另一实施例的结构示意图;19 is a schematic structural diagram of another embodiment of an acquiring module in a UE provided by the present application;
图20是本申请提供的UE的另一实施例的结构示意图;20 is a schematic structural diagram of another embodiment of a UE provided by the present application;
图21是本申请提供的HLR/HSS的一实施例的结构示意图;21 is a schematic structural diagram of an embodiment of an HLR/HSS provided by the present application;
图22是本申请提供的HLR/HSS的另一实施例的结构示意图;22 is a schematic structural diagram of another embodiment of an HLR/HSS provided by the present application;
图23是本申请提供的GPRS系统的一实施例的结构示意图。FIG. 23 is a schematic structural diagram of an embodiment of a GPRS system provided by the present application.
具体实施方式detailed description
下面将结合本申请实施例中的附图,对本申请实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本申请保护的范围。The technical solutions in the embodiments of the present application are clearly and completely described in the following with reference to the drawings in the embodiments of the present application. It is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present application without departing from the inventive scope are the scope of the present application.
本申请提供了一种GPRS系统密钥增强的方法、SGSN设备、UE、HLR/HSS及GPRS系统,可对SGSN和UE间的密钥进行增强,为SGSN和UE间的通信提供加密保护和完整性保护,以下将结合附图进行说明。The present application provides a GPRS system key enhancement method, an SGSN device, a UE, an HLR/HSS, and a GPRS system, which can enhance a key between an SGSN and an UE, and provide encryption protection and integrity for communication between the SGSN and the UE. Sexual protection will be described below with reference to the accompanying drawings.
请参阅图1,图1是本申请提供的GPRS系统密钥增强的方法的一实施例的流程示意图。如图1所示,该方法可包括如下步骤:Please refer to FIG. 1. FIG. 1 is a schematic flowchart diagram of an embodiment of a method for key enhancement of a GPRS system provided by the present application. As shown in FIG. 1, the method may include the following steps:
S101,SGSN接收UE发送的请求消息。S101. The SGSN receives the request message sent by the UE.
具体实施中,UE发送给SGSN(Serving GPRS Support Node,服务GPRS 节点)的请求消息可以是附着请求消息、路由更新消息或其他消息,例如服务请求消息。SGSN接收UE发送的请求消息后,可获取发送该请求消息的UE的标识。若该UE为第一类型UE,请求消息中可能携带UE类型指示信息。In a specific implementation, the UE sends the SGSN (Serving GPRS Support Node, serving GPRS) The request message of the node may be an attach request message, a route update message, or other message, such as a service request message. After receiving the request message sent by the UE, the SGSN may obtain the identifier of the UE that sends the request message. If the UE is the first type of UE, the request message may carry the UE type indication information.
本申请实施例中,UE通过USIM卡与网络通信,UE的标识可以是USIM卡的IMSI(International Mobile Subscriber Identification Number,国际移动用户识别码)。第一类型UE可以为物联网UE、机器通信(Machine To Machine,M2M)UE或其他高安全性UE。其中,物联网UE指的是具备信息传感功能和数据传输功能的用户设备,例如导览机、个人数字助理、条码采集器、数据采集终端和主要用于消费或转账的POS机等。机器通信UE指的是具备联网和通信能力,通过传感器、控制器等来实现“智能”属性,从而能与人、移动网络或其他机器进行信息交流的用户设备。In the embodiment of the present application, the UE communicates with the network through the USIM card, and the identifier of the UE may be an IMSI (International Mobile Subscriber Identification Number) of the USIM card. The first type of UE may be an Internet of Things UE, a Machine To Machine (M2M) UE, or other high security UE. Among them, the Internet of Things (UE) refers to user equipments with information sensing functions and data transmission functions, such as navigation machines, personal digital assistants, barcode collectors, data collection terminals, and POS machines mainly used for consumption or transfer. Machine communication UE refers to a user equipment that has networking and communication capabilities, and realizes "smart" attributes through sensors, controllers, etc., so that information can be exchanged with people, mobile networks or other machines.
S102,所述SGSN从HLR/HSS获取认证向量,所述认证向量包含第一加密密钥和第一完整性密钥。S102. The SGSN acquires an authentication vector from an HLR/HSS, where the authentication vector includes a first encryption key and a first integrity key.
归属位置寄存器(Home Location Register,HLR)是GPRS系统的永久数据库,存储了管理众多移动用户通信所需的信息,包括已注册的移动用户的身份信息、业务信息、服务授权等静态信息,以及用户的位置信息等动态信息。归属签约系统HSS(Home Subscription System,HSS)是HLR的演进和升级,主要负责管理用户的签约数据及移动用户的位置信息。由于HSS与HLR在网络中功能类似,所存储数据有较多重复,通常对外呈现为HSS与HLR融合设备。本申请实施例中,HLR/HSS可以是HLR设备、HSS设备或HLR和HSS的融合设备。The Home Location Register (HLR) is a permanent database of the GPRS system, which stores information needed to manage the communication of many mobile users, including static information such as registered mobile users' identity information, service information, service authorization, and users. Dynamic information such as location information. The Home Subscription System (HSS) is an evolution and upgrade of the HLR. It is mainly responsible for managing the subscription data of users and the location information of mobile users. Since the HSS and the HLR function similarly in the network, the stored data has more repetitions, and is usually presented as an HSS and HLR fusion device. In the embodiment of the present application, the HLR/HSS may be an HLR device, an HSS device, or a fusion device of an HLR and an HSS.
本申请实施例中,SGSN向HLR/HSS获取的认证向量为认证向量五元组,其中包括随机数RAND、期望响应XRES、认证令牌AUTN、加密密钥CK和完整性密钥IK。In the embodiment of the present application, the authentication vector acquired by the SGSN to the HLR/HSS is an authentication vector quintuple, including a random number RAND, an expected response XRES, an authentication token AUTN, an encryption key CK, and an integrity key IK.
本申请实施例中,第一加密密钥为认证向量五元组中的加密密钥CK,第一完整性密钥为认证向量五元组中的完整性密钥IK。In the embodiment of the present application, the first encryption key is an encryption key CK in the authentication vector quintuple, and the first integrity key is an integrity key IK in the authentication vector quintuple.
S103,若所述SGSN确定所述UE为第一类型UE,则为所述UE选择一种加密算法和一种完整性算法,并将所选择的加密算法和完整性算法发送给所述UE。 S103. If the SGSN determines that the UE is a first type of UE, select an encryption algorithm and an integrity algorithm for the UE, and send the selected encryption algorithm and integrity algorithm to the UE.
在一些可行的实施方式中,SGSN可以将UE的标识发送给HLR/HSS,由HLR/HSS根据UE的标识来判断UE是否为第一类型UE,若SGSN接收到HLR/HSS发送的UE类型指示信息,则可根据所述UE类型指示信息确定UE为第一类型UE。In some possible implementations, the SGSN may send the identifier of the UE to the HLR/HSS, and the HLR/HSS determines whether the UE is the first type of UE according to the identifier of the UE, and if the SGSN receives the UE type indication sent by the HLR/HSS. For information, the UE may be determined to be the first type of UE according to the UE type indication information.
在另一些可行的实施方式中,若UE发送给SGSN的请求消息中携带有UE类型指示信息,SGSN可确定该UE为第一类型UE。In other possible implementation manners, if the request message sent by the UE to the SGSN carries the UE type indication information, the SGSN may determine that the UE is the first type of UE.
可选地,UE类型指示信息可通过特定信息元素(Information Element,IE)的存在性来指示UE为第一类型UE,例如,当SGSN接收到HLR/HSS或者UE发送的UE类型指示信息时,若UE类型指示信息中存在某一特定IE,SGSN则可确定UE为第一类型UE,否则可确定UE不是第一类型UE。或者,UE类型指示信息还可通过特定IE的取值来指示UE为第一类型UE,例如,当SGSN接收到HLR/HSS或者UE发送的UE类型指示信息时,若UE类型指示信息中某一特定IE的取值为1,SGSN可确定UE为第一类型UE,若该特定IE的取值为0,则SGSN可确定UE不是第一类型UE。Optionally, the UE type indication information may indicate that the UE is the first type of UE by using the presence of a specific information element (IE), for example, when the SGSN receives the HLR/HSS or the UE type indication information sent by the UE, If a certain IE exists in the UE type indication information, the SGSN may determine that the UE is the first type of UE, and may determine that the UE is not the first type of UE. Alternatively, the UE type indication information may also indicate that the UE is the first type of UE by using the value of the specific IE. For example, when the SGSN receives the HLR/HSS or the UE type indication information sent by the UE, if the UE type indication information is in the UE type indication information, If the value of the specific IE is 1, the SGSN may determine that the UE is the first type of UE. If the value of the specific IE is 0, the SGSN may determine that the UE is not the first type of UE.
具体实施中,SGSN可以先从HLR/HSS获取认证向量,再确定UE为第一类型UE;也可以先确定UE为第一类型UE,再从HLR/HSS获取认证向量。In the specific implementation, the SGSN may first obtain the authentication vector from the HLR/HSS, and then determine that the UE is the first type of UE; or determine that the UE is the first type of UE, and then obtain the authentication vector from the HLR/HSS.
具体实施中,UE和SGSN各自配置了一些加密算法和完整性算法,UE向SGSN发送请求消息时,将自身支持的加密算法和完整性算法一并发送给SGSN,SGSN收到UE的请求消息时,从UE支持的加密算法和完整性算法中选择一种SGSN支持的加密算法以及一种SGSN支持的完整性算法。In a specific implementation, the UE and the SGSN are respectively configured with some encryption algorithms and integrity algorithms. When the UE sends a request message to the SGSN, the UE sends the encryption algorithm and the integrity algorithm supported by the UE to the SGSN, and the SGSN receives the request message of the UE. An encryption algorithm supported by the SGSN and an integrity algorithm supported by the SGSN are selected from the encryption algorithm and the integrity algorithm supported by the UE.
在一些可行的实施方式中,SGSN选择的加密算法和完整性算法可用于和认证向量中的第一加密密钥、第一完整性密钥一起计算第二加密密钥和第二完整性密钥。此外,根据SGSN选择的加密算法和第二加密密钥,可以对通信消息进行加密,生成消息密文;根据SGSN选择的完整性算法和第二完整性密钥,可以计算得到消息鉴权码MAC,消息鉴权码MAC可用于验证通信消息的完整性。In some possible implementations, the SGSN selected encryption algorithm and integrity algorithm can be used to calculate the second encryption key and the second integrity key together with the first encryption key and the first integrity key in the authentication vector. . In addition, according to the encryption algorithm selected by the SGSN and the second encryption key, the communication message may be encrypted to generate a message ciphertext; and the message authentication code MAC may be calculated according to the integrity algorithm selected by the SGSN and the second integrity key. The message authentication code MAC can be used to verify the integrity of the communication message.
可选地,当GPRS网络需要128位的第二加密密钥时,SGSN选择的加密算法可以是128-EEA1算法、128-EEA2算法、128-EEA3算法中任意一种;SGSN选择的完整性算法可以是128-EIA1算法、128-EIA2算法、128-EIA3算法中任 意一种。其中128-EEA1算法和128-EIA1算法使用SNOW 3G算法作为核心算法;128-EEA2算法和128-EIA2算法使用AES算法作为核心算法;128-EEA3算法和128-EIA3算法使用ZUC算法(祖冲之算法集)作为核心算法。Optionally, when the GPRS network needs a 128-bit second encryption key, the encryption algorithm selected by the SGSN may be any one of the 128-EEA1 algorithm, the 128-EEA2 algorithm, and the 128-EEA3 algorithm; the integrity algorithm selected by the SGSN. Can be 128-EIA1 algorithm, 128-EIA2 algorithm, 128-EIA3 algorithm Meaning one. The 128-EEA1 algorithm and the 128-EIA1 algorithm use the SNOW 3G algorithm as the core algorithm; the 128-EEA2 algorithm and the 128-EIA2 algorithm use the AES algorithm as the core algorithm; the 128-EEA3 algorithm and the 128-EIA3 algorithm use the ZUC algorithm (the Zuchong algorithm set) ) as the core algorithm.
具体实施中,SGSN在将选择的加密算法和完整性算法发送给UE的同时,还可以将认证向量中的随机数RAND和认证令牌AUTN发送给UE,UE可以根据认证令牌AUTN对SGSN侧进行认证,以实现UE侧对网络侧的鉴权,还可以根据接收到的随机数RAND和认证令牌AUTN,利用f1-f5算法计算出第一加密密钥CK和第一完整性密钥IK。In a specific implementation, the SGSN may send the selected encryption algorithm and the integrity algorithm to the UE, and may also send the random number RAND and the authentication token AUTN in the authentication vector to the UE, and the UE may use the authentication token AUTN to the SGSN side. The authentication is performed to implement the authentication of the network side by the UE side, and the first encryption key CK and the first integrity key IK are calculated by using the f1-f5 algorithm according to the received random number RAND and the authentication token AUTN. .
为了对SGSN和UE之间的通信消息进行保护,需要SGSN和UE双方使用约定的密钥(即第二加密密钥和第二完整性密钥)和算法(即SGSN选择的加密算法和完整性算法)对通信消息进行加密,因此,SGSN选择了一种加密算法和一种完整性算法之后,需要将所选择的加密算法和完整性算法发送给UE,使得UE根据第一加密密钥CK和第一完整性密钥IK计算第二加密密钥和第二完整性密钥之后,与SGSN采用相同的加密算法和完整性算法、以及第二加密密钥和第二完整性密钥对通信消息进行加密。In order to protect the communication message between the SGSN and the UE, both the SGSN and the UE need to use the agreed key (ie, the second encryption key and the second integrity key) and the algorithm (ie, the encryption algorithm and integrity selected by the SGSN). The algorithm encrypts the communication message. Therefore, after the SGSN selects an encryption algorithm and an integrity algorithm, the selected encryption algorithm and the integrity algorithm need to be sent to the UE, so that the UE according to the first encryption key CK and After the first integrity key IK calculates the second encryption key and the second integrity key, the same encryption algorithm and integrity algorithm are used with the SGSN, and the second encryption key and the second integrity key pair communication message are used. Encrypt.
S104,所述SGSN根据所述第一加密密钥和所述第一完整性密钥,获得第二加密密钥和第二完整性密钥。S104. The SGSN obtains a second encryption key and a second integrity key according to the first encryption key and the first integrity key.
本申请实施例中,SGSN选择了加密算法和完整性算法之后,可根据认证向量中的第一加密密钥和第二加密密钥,获得第二加密密钥和第二完整性密钥。第二加密密钥和第二完整性密钥是在第一加密密钥和第一完整性密钥基础上增强的密钥,其中第二加密密钥和SGSN所选择的加密算法可用于对SGSN和所述UE之间传输的消息进行机密性保护;第二完整性密钥和SGSN选择的完整性算法可用于对SGSN和所述UE之间传输的消息进行完整性保护。In the embodiment of the present application, after the SGSN selects the encryption algorithm and the integrity algorithm, the second encryption key and the second integrity key may be obtained according to the first encryption key and the second encryption key in the authentication vector. The second encryption key and the second integrity key are keys enhanced based on the first encryption key and the first integrity key, wherein the second encryption key and the encryption algorithm selected by the SGSN are available for the SGSN The message transmitted between the UE and the UE is confidentially protected; the second integrity key and the integrity algorithm selected by the SGSN can be used to perform integrity protection on messages transmitted between the SGSN and the UE.
可选地,SGSN可以仅根据第一加密密钥和第一完整性密钥来获得第二加密密钥和第二完整性密钥;或者,可以根据第一加密密钥、第一完整性密钥、所选择的加密算法以及所选择的完整性算法来获得第二加密密钥和第二完整性密钥。Optionally, the SGSN may obtain the second encryption key and the second integrity key only according to the first encryption key and the first integrity key; or may be based on the first encryption key, the first integrity key The key, the selected encryption algorithm, and the selected integrity algorithm are used to obtain the second encryption key and the second integrity key.
具体实施中,步骤S104中将SGSN选择的加密算法和完整性算法发送给所述UE和步骤S105中SGSN根据所述认证向量中的第一加密密钥和第一完 整性密钥计算第二加密密钥和第二完整性密钥的顺序不分先后。In a specific implementation, the encryption algorithm and the integrity algorithm selected by the SGSN are sent to the UE in step S104, and the SGSN in step S105 is based on the first encryption key and the first in the authentication vector. The order in which the integer key calculates the second encryption key and the second integrity key is in no particular order.
本申请实施例中,SGSN接收UE发送的请求消息,在确定UE为第一类型UE后,选择一种加密算法和一种完整性算法,从HLR/HSS获取认证向量,根据认证向量中包含的第一加密密钥和第一完整性密钥,获得增强的第二加密密钥和第二完整性密钥,并将所选择的加密算法和完整性算法发送给UE,使UE在计算第二加密密钥和第二完整性密钥之后,SGSN和UE双方可通过第二加密密钥、第二完整性密钥、SGSN选择的加密算法和完整性算法来对SGSN和UE之间的通信消息进行加密保护和完整性保护,增强第一类型UE在GPRS网络中通信的安全性。In the embodiment of the present application, the SGSN receives the request message sent by the UE, and after determining that the UE is the first type of UE, selects an encryption algorithm and an integrity algorithm, and obtains an authentication vector from the HLR/HSS, according to the authentication vector. Obtaining the second encryption key and the second integrity key, obtaining the enhanced second encryption key and the second integrity key, and transmitting the selected encryption algorithm and integrity algorithm to the UE, so that the UE is calculating the second After the encryption key and the second integrity key, the SGSN and the UE can communicate the communication message between the SGSN and the UE by using the second encryption key, the second integrity key, the encryption algorithm selected by the SGSN, and the integrity algorithm. Encryption protection and integrity protection are performed to enhance the security of communication of the first type of UE in the GPRS network.
请参阅图2,图2是本申请提供的GPRS系统密钥增强的方法的另一实施例的流程示意图。如图2所示,该方法可包括如下步骤:Please refer to FIG. 2. FIG. 2 is a schematic flowchart diagram of another embodiment of a method for key enhancement of a GPRS system provided by the present application. As shown in FIG. 2, the method may include the following steps:
S201,SGSN接收UE发送的请求消息。S201. The SGSN receives the request message sent by the UE.
S202,所述SGSN从HLR/HSS获取认证向量,所述认证向量包含第一加密密钥和第一完整性密钥。S202. The SGSN acquires an authentication vector from an HLR/HSS, where the authentication vector includes a first encryption key and a first integrity key.
S203,若所述SGSN确定所述UE为第一类型UE,则为所述UE选择一种加密算法和一种完整性算法。S203. If the SGSN determines that the UE is a first type of UE, select an encryption algorithm and an integrity algorithm for the UE.
S204,所述SGSN将所选择的加密算法和完整性算法发送给所述UE。S204. The SGSN sends the selected encryption algorithm and integrity algorithm to the UE.
本申请实施例中,步骤S201-S204的具体实施方式可参阅图1所示实施例的步骤S101-S103,在此不赘述。For the specific implementation of the steps S201-S204 in the embodiment of the present application, reference may be made to the steps S101-S103 of the embodiment shown in FIG. 1 , and details are not described herein.
S205,所述SGSN根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥。S205. The SGSN calculates an intermediate key according to the first encryption key and the first integrity key.
作为一种可行的实施方式,可以对第一加密密钥和第一完整性密钥进行运算,然后将运算结果作为密钥推衍函数KDF的输入参数来计算中间密钥。例如,中间密钥可以为Km=KDF(CK||IK),其中CK||IK表示对第一加密密钥CK和第一完整性密钥IK进行连接运算。As a feasible implementation manner, the first encryption key and the first integrity key may be operated, and then the operation result is used as an input parameter of the key derivation function KDF to calculate the intermediate key. For example, the intermediate key may be Km=KDF(CK||IK), where CK||IK represents a join operation on the first encryption key CK and the first integrity key IK.
作为另一种可行的实施方式,所述中间密钥可直接采用现有的64位GPRS加密密钥Kc或现有的128位加密密钥Kc128,即可以直接将现有的GPRS加密密钥Kc(64位)作为中间密钥,或直接将现有的Kc128(128位)作为中间密钥。其中Kc和Kc128都是根据CK和IK计算生成的。 As another feasible implementation manner, the intermediate key may directly adopt an existing 64-bit GPRS encryption key Kc or an existing 128-bit encryption key Kc128, that is, the existing GPRS encryption key Kc may be directly used. (64-bit) as the intermediate key, or directly use the existing Kc128 (128-bit) as the intermediate key. Kc and Kc128 are generated based on CK and IK calculations.
S206,所述SGSN根据所述中间密钥或者根据所述中间密钥和加密特征字符串计算第二加密密钥。S206. The SGSN calculates a second encryption key according to the intermediate key or according to the intermediate key and the encryption feature string.
作为一种可行的实施方式,所述SGSN可以将所述中间密钥的第一预设比特位作为第二加密密钥。例如,若GPRS系统需要64位的第二加密密钥,则可以直接将所述中间密钥的最高64位作为第二加密密钥;若GPRS系统需要128位的第二加密密钥,则可以直接将所述中间密钥的最高128位作为第二加密密钥。在其他可选的实施方式中,也可以从所述中间密钥中任意选取所需位数的比特位作为第二加密密钥,本申请对此不做限定。As a possible implementation manner, the SGSN may use the first preset bit of the intermediate key as the second encryption key. For example, if the GPRS system requires a 64-bit second encryption key, the highest 64 bits of the intermediate key can be directly used as the second encryption key; if the GPRS system requires a 128-bit second encryption key, then The highest 128 bits of the intermediate key are directly used as the second encryption key. In other optional implementations, the bit of the required number of bits may be arbitrarily selected from the intermediate key as the second encryption key, which is not limited in this application.
作为另一种可行的实施方式,所述SGSN可以根据所述中间密钥和加密特征字符串ciphering计算第二加密密钥。具体实施中,可以将中间密钥和加密特征字符串ciphering作为密钥推衍函数KDF的输入参数来计算第二加密密钥。例如:第二加密密钥可以通过Kcipher=KDF(Km,“ciphering”)计算得到。“ciphering”是加密特征字符串,可以通过编码产生。As another possible implementation manner, the SGSN may calculate a second encryption key according to the intermediate key and the encryption feature string ciphering. In a specific implementation, the intermediate key and the encrypted feature string ciphering may be used as input parameters of the key derivation function KDF to calculate the second encryption key. For example, the second encryption key can be calculated by K cipher =KDF(Km, "ciphering"). "ciphering" is an encrypted feature string that can be generated by encoding.
在一些可行的实施方式中,GPRS系统需要128位的第二加密密钥,可以从计算出的中间密钥Km中截取预设的128位(例如最高的128位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二加密密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的128位(例如最高的128位)作为第二加密密钥;或者,将中间密钥Kc128作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二加密密钥。In some feasible implementation manners, the GPRS system needs a 128-bit second encryption key, and a preset 128-bit (for example, the highest 128 bits) can be intercepted from the calculated intermediate key Km as a key derivation function KDF. One of the input parameters, the output of the KDF is used as the second encryption key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and the preset is intercepted in the output of the KDF 128 bits (for example, the highest 128 bits) as the second encryption key; or, the intermediate key Kc128 is used as one of the input parameters of the key derivation function KDF, and the output of the key derivation function KDF is used as the second encryption Key.
在一些可行的实施方式中,GPRS系统需要64位的第二加密密钥,可以从计算出的中间密钥Km中截取预设的64位(例如最高的64位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二加密密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的64位(例如最高的64位)作为第二加密密钥;或者,可以将中间密钥Kc(64位)作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二加密密钥。In some feasible implementation manners, the GPRS system requires a 64-bit second encryption key, and a preset 64-bit (for example, the highest 64-bit) can be intercepted from the calculated intermediate key Km as a key derivation function KDF. One of the input parameters, the output of the KDF is used as the second encryption key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and the preset is intercepted in the output of the KDF 64 bits (for example, the highest 64 bits) as the second encryption key; alternatively, the intermediate key Kc (64 bits) can be used as one of the input parameters of the key derivation function KDF, and the key derivation function KDF The output is used as the second encryption key.
S207,所述SGSN根据所述中间密钥或者根据所述中间密钥和完整性特征字符串计算第二完整性密钥。 S207. The SGSN calculates a second integrity key according to the intermediate key or according to the intermediate key and the integrity feature string.
作为一种可行的实施方式,所述SGSN可以将所述中间密钥的第二预设比特位作为第二完整性密钥。例如,若GPRS系统需要64位的第二完整性密钥,则可以直接将所述中间密钥的最低64位作为第二完整性密钥;若GPRS系统需要128位的第二完整性密钥,则可以直接将所述中间密钥的最低128位作为第二完整性密钥。在其他可选的实施方式中,也可以从所述中间密钥中任意选取所需位数的比特位作为第二完整性密钥,本申请对此不做限定。As a possible implementation manner, the SGSN may use the second preset bit of the intermediate key as the second integrity key. For example, if the GPRS system requires a 64-bit second integrity key, the lowest 64 bits of the intermediate key can be directly used as the second integrity key; if the GPRS system requires a 128-bit second integrity key Then, the lowest 128 bits of the intermediate key can be directly used as the second integrity key. In other optional implementations, the bit of the required number of bits may be arbitrarily selected from the intermediate key as the second integrity key, which is not limited in this application.
作为另一种可行的实施方式,所述SGSN可以根据所述中间密钥和完整性特征字符串integrity计算第二完整性密钥。具体实施中,可以将中间密钥和完整性特征字符串integrity作为密钥推衍函数KDF的输入参数来计算第二完整性密钥。例如:第二完整性密钥可以通过Kintegrity=KDF(Km,“integrity”)计算得到。“integrity”是完整性特征字符串,可以通过编码产生。As another possible implementation manner, the SGSN may calculate a second integrity key according to the intermediate key and the integrity feature string integrity. In a specific implementation, the intermediate key and the integrity feature string integrity may be used as an input parameter of the key derivation function KDF to calculate the second integrity key. For example, the second integrity key can be calculated by K integrity = KDF(Km, "integrity"). "integrity" is an integrity feature string that can be generated by encoding.
在一些可行的实施方式中,GPRS系统需要128位的第二完整性密钥,可以从计算出的中间密钥Km中截取预设的128位(例如最高的128位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二完整性密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的128位(例如最高的128位)作为第二完整性密钥;或者,可以将中间密钥Kc128作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二完整性密钥。In some feasible implementation manners, the GPRS system needs a 128-bit second integrity key, and a preset 128-bit (for example, the highest 128 bits) can be intercepted from the calculated intermediate key Km as a key derivation function. One of the input parameters of the KDF, the output of the KDF is used as the second integrity key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and intercepted in the output of the KDF The preset 128 bits (for example, the highest 128 bits) is used as the second integrity key; or, the intermediate key Kc128 may be used as one of the input parameters of the key derivation function KDF, and the output of the key derivation function KDF is output. As the second integrity key.
在一些可行的实施方式中,GPRS系统需要64位的第二完整性密钥,可以从计算出的中间密钥Km中截取预设的64位(例如最高的64位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二完整性密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的64位(例如最高的64位)作为第二完整性密钥;或者,可以将中间密钥Kc(64位)作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二完整性密钥。In some possible implementations, the GPRS system requires a 64-bit second integrity key, and a preset 64-bit (eg, the highest 64-bit) can be intercepted from the calculated intermediate key Km as a key derivation function. One of the input parameters of the KDF, the output of the KDF is used as the second integrity key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and intercepted in the output of the KDF The preset 64 bits (for example, the highest 64 bits) is used as the second integrity key; or, the intermediate key Kc (64 bits) can be used as one of the input parameters of the key derivation function KDF, and the key is deduced The output of the function KDF acts as the second integrity key.
本申请实施例中,加密特征字符串ciphering和完整性特征字符串integrity用于使计算出来的第二加密密钥和第二完整性密钥不同以便于区分,因此完整性特征字符串integrity可以是任意与加密特征字符串ciphering不一致的字符串。 In the embodiment of the present application, the encryption feature string ciphering and the integrity feature string integrity are used to make the calculated second encryption key and the second integrity key different to facilitate differentiation, so the integrity feature string integrity may be Any string that is inconsistent with the ciphering of the encrypted feature string.
具体实施中,步骤S204将SGSN选择的加密算法和完整性算法发送给所述UE和步骤S205、S206、S207计算中间密钥和第二加密密钥、第二完整性密钥的顺序不分先后。In a specific implementation, the step S204 sends the encryption algorithm and the integrity algorithm selected by the SGSN to the UE, and the steps of calculating the intermediate key, the second encryption key, and the second integrity key in steps S205, S206, and S207 are in no particular order. .
本申请实施例中,SGSN接收UE发送的请求消息,在确定UE为第一类型UE后,选择一种加密算法和一种完整性算法,从HLR/HSS获取认证向量,根据认证向量中包含的第一加密密钥和第一完整性密钥,获得增强的第二加密密钥和第二完整性密钥,并将所选择的加密算法和完整性算法发送给UE,使UE在计算第二加密密钥和第二完整性密钥之后,SGSN和UE双方可通过第二加密密钥和第二完整性密钥、SGSN选择的加密算法和完整性算法来对SGSN和UE之间的通信消息进行加密保护和完整性保护,增强第一类型UE在GPRS网络中通信的安全性。In the embodiment of the present application, the SGSN receives the request message sent by the UE, and after determining that the UE is the first type of UE, selects an encryption algorithm and an integrity algorithm, and obtains an authentication vector from the HLR/HSS, according to the authentication vector. Obtaining the second encryption key and the second integrity key, obtaining the enhanced second encryption key and the second integrity key, and transmitting the selected encryption algorithm and integrity algorithm to the UE, so that the UE is calculating the second After the encryption key and the second integrity key, both the SGSN and the UE can communicate the communication message between the SGSN and the UE by using the second encryption key and the second integrity key, the encryption algorithm and the integrity algorithm selected by the SGSN. Encryption protection and integrity protection are performed to enhance the security of communication of the first type of UE in the GPRS network.
请参阅图3,图3是本申请提供的GPRS系统密钥增强的方法的又一实施例的流程示意图。如图3所示,该方法可包括如下步骤:Please refer to FIG. 3. FIG. 3 is a schematic flowchart diagram of still another embodiment of a method for key enhancement of a GPRS system provided by the present application. As shown in FIG. 3, the method may include the following steps:
S301,SGSN接收UE发送的请求消息。S301. The SGSN receives the request message sent by the UE.
S302,所述SGSN从HLR/HSS获取认证向量,所述认证向量包含第一加密密钥和第一完整性密钥。S302. The SGSN acquires an authentication vector from the HLR/HSS, where the authentication vector includes a first encryption key and a first integrity key.
S303,若所述SGSN确定所述UE为第一类型UE,则为所述UE选择一种加密算法和一种完整性算法。S303. If the SGSN determines that the UE is a first type of UE, select an encryption algorithm and an integrity algorithm for the UE.
S304,所述SGSN将所选择的加密算法和完整性算法发送给所述UE。S304. The SGSN sends the selected encryption algorithm and integrity algorithm to the UE.
S305,所述SGSN根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥。S305. The SGSN calculates an intermediate key according to the first encryption key and the first integrity key.
本申请实施例中,步骤S301-S305的具体实施方式可参阅图2所示实施例的步骤S201-S205,在此不赘述。For the specific implementation of the steps S301-S305 in the embodiment of the present application, reference may be made to the steps S201-S205 of the embodiment shown in FIG. 2, and details are not described herein.
S306,所述SGSN根据所述中间密钥、第一算法类型指示和所选择的加密算法的标识,计算第二加密密钥。S306. The SGSN calculates a second encryption key according to the intermediate key, the first algorithm type indication, and the identifier of the selected encryption algorithm.
具体实施中,可以将中间密钥、第一算法类型指示和所选择的加密算法的标识作为密钥推衍函数KDF的输入参数来计算第二加密密钥。例如:第二加密密钥Kcipher可以通过Kcipher=KDF(Km,algorithm type distinguisher1,ciphering algorithm id)计算得到,其中Km为中间密钥,algorithm type distinguisher1为 第一算法类型指示,ciphering algorithm id为SGSN所选择的加密算法的标识。In a specific implementation, the intermediate key, the first algorithm type indication, and the identifier of the selected encryption algorithm may be used as an input parameter of the key derivation function KDF to calculate the second encryption key. For example, the second encryption key K cipher can be calculated by K cipher = KDF (Km, algorithm type distinguished er1, ciphering algorithm id), where Km is an intermediate key, the algorithm type distinguish er1 is the first algorithm type indication, and the ciphering algorithm id is The identifier of the encryption algorithm selected by the SGSN.
在一些可行的实施方式中,GPRS系统需要128位的第二加密密钥,可以从计算出的中间密钥Km中截取预设的128位(例如最高的128位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二加密密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的128位(例如最高的128位)作为第二加密密钥;或者,将中间密钥Kc128作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二加密密钥。In some feasible implementation manners, the GPRS system needs a 128-bit second encryption key, and a preset 128-bit (for example, the highest 128 bits) can be intercepted from the calculated intermediate key Km as a key derivation function KDF. One of the input parameters, the output of the KDF is used as the second encryption key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and the preset is intercepted in the output of the KDF 128 bits (for example, the highest 128 bits) as the second encryption key; or, the intermediate key Kc128 is used as one of the input parameters of the key derivation function KDF, and the output of the key derivation function KDF is used as the second encryption Key.
在一些可行的实施方式中,GPRS系统需要64位的第二加密密钥,可以从计算出的中间密钥Km中截取预设的64位(例如最高的64位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二加密密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的64位(例如最高的64位)作为第二加密密钥;或者,可以将中间密钥Kc(64位)作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二加密密钥。In some feasible implementation manners, the GPRS system requires a 64-bit second encryption key, and a preset 64-bit (for example, the highest 64-bit) can be intercepted from the calculated intermediate key Km as a key derivation function KDF. One of the input parameters, the output of the KDF is used as the second encryption key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and the preset is intercepted in the output of the KDF 64 bits (for example, the highest 64 bits) as the second encryption key; alternatively, the intermediate key Kc (64 bits) can be used as one of the input parameters of the key derivation function KDF, and the key derivation function KDF The output is used as the second encryption key.
S307,所述SGSN根据所述中间密钥、第二算法类型指示和所选择的完整性算法的标识,计算第二完整性密钥。S307. The SGSN calculates a second integrity key according to the intermediate key, the second algorithm type indication, and the identifier of the selected integrity algorithm.
具体实施中,可以将中间密钥、第二算法类型指示和所选择的完整性算法的标识作为密钥推衍函数KDF的输入参数来计算第二完整性密钥。例如:第二完整性密钥Kcipher可以通过Kintegrity=KDF(Km,algorithm type distinguisher2,integrity algorithm id)计算得到,其中Km为中间密钥,algorithm type distinguisher2为第二算法类型指示,integrity algorithm id为SGSN所选择的完整性算法的标识。In a specific implementation, the intermediate key, the second algorithm type indication, and the identifier of the selected integrity algorithm may be used as an input parameter of the key derivation function KDF to calculate the second integrity key. For example, the second integrity key K cipher can be calculated by K integrity = KDF (Km, algorithm type distinguished er2, integrity algorithm id), where Km is the intermediate key, the algorithm type distinguish er2 is the second algorithm type indication, and the integrity algorithm id The identity of the integrity algorithm selected for the SGSN.
在一些可行的实施方式中,GPRS系统需要128位的第二完整性密钥,可以从计算出的中间密钥Km中截取预设的128位(例如最高的128位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二完整性密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的128位(例如最高的128位)作为第二完整性密钥;或者,可以将中间密钥Kc128作为密钥推衍函数KDF的输入参数之一, 将密钥推衍函数KDF的输出作为第二完整性密钥。In some feasible implementation manners, the GPRS system needs a 128-bit second integrity key, and a preset 128-bit (for example, the highest 128 bits) can be intercepted from the calculated intermediate key Km as a key derivation function. One of the input parameters of the KDF, the output of the KDF is used as the second integrity key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and intercepted in the output of the KDF a preset 128 bits (for example, the highest 128 bits) is used as the second integrity key; or, the intermediate key Kc128 may be used as one of the input parameters of the key derivation function KDF, The output of the key derivation function KDF is taken as the second integrity key.
在一些可行的实施方式中,GPRS系统需要64位的第二完整性密钥,可以从计算出的中间密钥Km中截取预设的64位(例如最高的64位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二完整性密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的64位(例如最高的64位)作为第二完整性密钥;或者,可以将中间密钥Kc(64位)作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二完整性密钥。In some possible implementations, the GPRS system requires a 64-bit second integrity key, and a preset 64-bit (eg, the highest 64-bit) can be intercepted from the calculated intermediate key Km as a key derivation function. One of the input parameters of the KDF, the output of the KDF is used as the second integrity key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and intercepted in the output of the KDF The preset 64 bits (for example, the highest 64 bits) is used as the second integrity key; or, the intermediate key Kc (64 bits) can be used as one of the input parameters of the key derivation function KDF, and the key is deduced The output of the function KDF acts as the second integrity key.
本申请实施例中,第一算法类型指示用于指示当前参与运算的算法为加密类型的算法,第二算法类型指示用于指示当前参与运算的算法为完整性类型的算法,第一算法类型指示和第二算法类型指示的取值不相同。在一些可行的实施例中,第一算法类型指示和第二算法类型指示可包含相同的IE,两者通过IE的取值不同来区分。例如,第一算法类型指示和第二算法类型指示的IE均为algorithm type distinguisher,当algorithm type distinguisher=00时,指示加密类型的算法,当algorithm type distinguisher=01时,指示完整性类型的算法。In the embodiment of the present application, the first algorithm type indication is used to indicate that the algorithm currently participating in the operation is an encryption type algorithm, and the second algorithm type indication is used to indicate that the algorithm currently participating in the operation is an integrity type algorithm, and the first algorithm type indication The value indicated by the second algorithm type is different. In some feasible embodiments, the first algorithm type indication and the second algorithm type indication may include the same IE, and the two are distinguished by different values of the IE. For example, the first algorithm type indication and the IE indicated by the second algorithm type are both an algorithm type distinguisher er. When the algorithm type distinguishes er=00, an algorithm indicating an encryption type, when the algorithm type distinguishes er=01, an algorithm indicating the integrity type.
在一些可能的情况中,加密算法和完整性算法可能采用相同的标识,此时需要结合算法类型指示来唯一区分各个算法。例如,假设128-EEA1算法和128-EIA1均以1作为算法标识,当SGSN选择的加密算法和完整性算法分别为128-EEA1算法和128-EIA1算法时,通过第一算法类型指示和第二算法类型指示中IE的不同取值可以区分128-EEA1算法和128-EIA1算法,同时可以使计算出来的第二加密密钥和第二完整性密钥的值不相同,以区分第二加密密钥和第二完整性密钥。In some possible cases, the encryption algorithm and the integrity algorithm may adopt the same identifier, and in this case, the algorithm type indication is needed to uniquely distinguish each algorithm. For example, suppose that both the 128-EEA1 algorithm and the 128-EIA1 are identified by an algorithm. When the encryption algorithm and the integrity algorithm selected by the SGSN are the 128-EEA1 algorithm and the 128-EIA1 algorithm, respectively, the first algorithm type indicates and the second Different values of the IE in the algorithm type indication may distinguish the 128-EEA1 algorithm and the 128-EIA1 algorithm, and may cause the calculated values of the second encryption key and the second integrity key to be different to distinguish the second encryption key. Key and second integrity key.
具体实施中,步骤S304将SGSN选择的加密算法和完整性算法发送给所述UE和步骤S305、S306、S307计算中间密钥和第二加密密钥、第二完整性密钥的顺序不分先后。In a specific implementation, the step S304 sends the encryption algorithm and the integrity algorithm selected by the SGSN to the UE, and the steps of calculating the intermediate key, the second encryption key, and the second integrity key in steps S305, S306, and S307 are in no particular order. .
本申请实施例中,SGSN接收UE发送的请求消息,在确定UE为第一类型UE后,选择一种加密算法和一种完整性算法,从HLR/HSS获取认证向量,根据认证向量中包含的第一加密密钥和第一完整性密钥,获得增强的第二加密密钥和第二完整性密钥,并将所选择的加密算法和完整性算法发送给UE,使 UE计算第二加密密钥和第二完整性密钥,通过第二加密密钥和第二完整性密钥对SGSN和UE之间的通信消息进行加密保护和完整性保护,增强第一类型UE在GPRS网络中通信的安全性。In the embodiment of the present application, the SGSN receives the request message sent by the UE, and after determining that the UE is the first type of UE, selects an encryption algorithm and an integrity algorithm, and obtains an authentication vector from the HLR/HSS, according to the authentication vector. a first encryption key and a first integrity key, obtaining an enhanced second encryption key and a second integrity key, and transmitting the selected encryption algorithm and integrity algorithm to the UE, so that The UE calculates a second encryption key and a second integrity key, and performs encryption protection and integrity protection on the communication message between the SGSN and the UE by using the second encryption key and the second integrity key to enhance the first type of UE. Security of communication in a GPRS network.
请参阅图4,图4是本申请提供的GPRS系统密钥增强的方法的又一实施例的流程示意图。如图4所示,该方法可包括如下步骤:Please refer to FIG. 4. FIG. 4 is a schematic flowchart diagram of still another embodiment of a method for key enhancement of a GPRS system provided by the present application. As shown in FIG. 4, the method may include the following steps:
S401,SGSN接收UE发送的请求消息。S401. The SGSN receives the request message sent by the UE.
S402,所述SGSN从HLR/HSS获取认证向量,所述认证向量包含第一加密密钥和第一完整性密钥。S402. The SGSN acquires an authentication vector from an HLR/HSS, where the authentication vector includes a first encryption key and a first integrity key.
本申请实施例中,步骤S401-S402的具体实施方式可参阅图1所示实施例的步骤S101-S102,在此不赘述。For the specific implementation of the steps S401-S402 in the embodiment of the present application, reference may be made to the steps S101-S102 of the embodiment shown in FIG. 1 , and details are not described herein.
S403,所述SGSN确定所述UE为第一类型UE。S403. The SGSN determines that the UE is a first type of UE.
在一些可行的实施方式中,SGSN可以将UE的标识发送给HLR/HSS,由HLR/HSS根据UE的标识来判断UE是否为第一类型UE,若SGSN接收到HLR/HSS发送的UE类型指示信息,则可根据所述UE类型指示信息确定UE为第一类型UE。In some possible implementations, the SGSN may send the identifier of the UE to the HLR/HSS, and the HLR/HSS determines whether the UE is the first type of UE according to the identifier of the UE, and if the SGSN receives the UE type indication sent by the HLR/HSS. For information, the UE may be determined to be the first type of UE according to the UE type indication information.
在另一些可行的实施方式中,若UE发送给SGSN的请求消息中携带有UE类型指示信息,SGSN可确定该UE为第一类型UE。In other possible implementation manners, if the request message sent by the UE to the SGSN carries the UE type indication information, the SGSN may determine that the UE is the first type of UE.
可选地,SGSN可以通过UE类型指示信息中特定信息元素(Information Element,IE)的存在与否来确定UE是否为第一类型UE,例如,当UE类型指示信息中含有上述特定IE时,SGSN可确定UE为第一类型UE,当UE类型指示信息中不含上述特定IE时,SGSN可确定UE不是第一类型UE。或者,SGSN可以通过UE类型指示信息中某一IE的数据内容来确定UE是否为第一类型UE,例如,当上述某一IE的数据内容为1时,SGSN可确定UE为第一类型UE,当上述某一IE的数据内容为0时,SGSN可确定UE不是第一类型UE。Optionally, the SGSN may determine whether the UE is a first type of UE by using a specific information element (IE) in the UE type indication information, for example, when the UE type indication information includes the specific IE, the SGSN The UE may be determined to be the first type of UE. When the UE type indication information does not include the specific IE, the SGSN may determine that the UE is not the first type of UE. Alternatively, the SGSN may determine whether the UE is the first type of UE by using the data content of an IE in the UE type indication information. For example, when the data content of the foregoing IE is 1, the SGSN may determine that the UE is the first type of UE. When the data content of one of the above IEs is 0, the SGSN may determine that the UE is not the first type of UE.
具体实施中,SGSN可以先从HLR/HSS获取认证向量,再确定UE为第一类型UE;也可以先确定UE为第一类型UE,再从HLR/HSS获取认证向量。In the specific implementation, the SGSN may first obtain the authentication vector from the HLR/HSS, and then determine that the UE is the first type of UE; or determine that the UE is the first type of UE, and then obtain the authentication vector from the HLR/HSS.
S404,所述SGSN为所述UE选择一种加密算法和一种完整性算法。S404. The SGSN selects an encryption algorithm and an integrity algorithm for the UE.
具体实施中,UE和SGSN各自配置了一些加密算法和完整性算法,UE 向SGSN发送请求消息时,将自身支持的加密算法和完整性算法一并发送给SGSN,SGSN收到UE的请求消息时,从UE支持的加密算法和完整性算法中选择一种SGSN支持的加密算法以及一种SGSN支持的完整性算法。In a specific implementation, the UE and the SGSN are respectively configured with some encryption algorithms and integrity algorithms, and the UE When sending the request message to the SGSN, the encryption algorithm and the integrity algorithm supported by the SGSN are sent to the SGSN. When the SGSN receives the request message of the UE, the SGSN selects an encryption supported by the SGSN from the encryption algorithm and the integrity algorithm supported by the UE. Algorithm and an integrity algorithm supported by the SGSN.
本申请实施例中,SGSN选择的加密算法和完整性算法可用于和认证向量中的第一加密密钥、第一完整性密钥一起计算第二加密密钥和第二完整性密钥。此外,根据SGSN选择的加密算法和生成的第二加密密钥,可以对通信消息进行加密,生成消息密文;根据SGSN选择的完整性算法和生成的第二完整性密钥,可以计算得到消息鉴权码MAC,消息鉴权码MAC可用于验证通信消息的完整性。In the embodiment of the present application, the encryption algorithm and the integrity algorithm selected by the SGSN may be used to calculate the second encryption key and the second integrity key together with the first encryption key and the first integrity key in the authentication vector. In addition, according to the encryption algorithm selected by the SGSN and the generated second encryption key, the communication message may be encrypted to generate a message ciphertext; and the message may be calculated according to the integrity algorithm selected by the SGSN and the generated second integrity key. The authentication code MAC, the message authentication code MAC, can be used to verify the integrity of the communication message.
可选地,当GPRS网络需要128位的第二加密密钥时,SGSN选择的加密算法可以是128-EEA1算法、128-EEA2算法、128-EEA3算法中任意一种;SGSN选择的完整性算法可以是128-EIA1算法、128-EIA2算法、128-EIA3算法中任意一种。其中128-EEA1算法和128-EIA1算法使用SNOW 3G算法作为核心算法;128-EEA2算法和128-EIA2算法使用AES算法作为核心算法;128-EEA3算法和128-EIA3算法使用ZUC算法(祖冲之算法集)作为核心算法。Optionally, when the GPRS network needs a 128-bit second encryption key, the encryption algorithm selected by the SGSN may be any one of the 128-EEA1 algorithm, the 128-EEA2 algorithm, and the 128-EEA3 algorithm; the integrity algorithm selected by the SGSN. It may be any one of 128-EIA1 algorithm, 128-EIA2 algorithm, and 128-EIA3 algorithm. The 128-EEA1 algorithm and the 128-EIA1 algorithm use the SNOW 3G algorithm as the core algorithm; the 128-EEA2 algorithm and the 128-EIA2 algorithm use the AES algorithm as the core algorithm; the 128-EEA3 algorithm and the 128-EIA3 algorithm use the ZUC algorithm (the Zuchong algorithm set) ) as the core algorithm.
S405,所述SGSN根据所述第一加密密钥、第一算法类型指示和所选择的加密算法的标识,计算第二加密密钥。S405. The SGSN calculates a second encryption key according to the first encryption key, the first algorithm type indication, and the identifier of the selected encryption algorithm.
具体地,SGSN可以将第一加密密钥、第一算法类型指示和所选择的加密算法的标识作为密钥推衍函数KDF的输入参数来计算第二加密密钥,例如:Kcipher=KDF(CK,algorithm type distinguisher1,ciphering algorithm id),其中CK为第一加密密钥,algorithm type distinguisher1为第一算法类型指示,ciphering algorithm id为SGSN所选择的的加密算法的标识。Specifically, the SGSN may calculate the second encryption key by using the first encryption key, the first algorithm type indication, and the identifier of the selected encryption algorithm as input parameters of the key derivation function KDF, for example: K cipher =KDF( CK, algorithm type distinguisher er1, ciphering algorithm id), where CK is the first encryption key, the algorithm type distinguisher er1 is the first algorithm type indication, and the ciphering algorithm id is the identifier of the encryption algorithm selected by the SGSN.
可选地,若GPRS系统需要64位的第二加密密钥,可以从计算出的Kcipher中取最高64位作为第二加密密钥;若GPRS系统需要128位的第二加密密钥,可以从计算出的Kcipher中取最高128位作为第二加密密钥。在其他可行的实施方式中,也可以从计算出的Kcipher中任意选出所需位数作为第二加密密钥,本申请对此不做限定。Optionally, if the GPRS system requires a 64-bit second encryption key, the highest 64 bits may be taken from the calculated K cipher as the second encryption key; if the GPRS system requires a 128-bit second encryption key, The highest 128 bits are taken from the calculated K cipher as the second encryption key. In other possible implementations, the required number of bits can be arbitrarily selected as the second encryption key from the calculated K cipher , which is not limited in this application.
S406,所述SGSN根据所述第一完整性密钥、第二算法类型指示和所选择的完整性算法的标识,计算第二完整性密钥。 S406. The SGSN calculates a second integrity key according to the first integrity key, the second algorithm type indication, and the identifier of the selected integrity algorithm.
具体地,SGSN可以将第一完整性密钥IK、第二算法类型指示algorithm type distinguisher2和所选择的完整性算法的标识integrity algorithm id作为密钥推衍函数KDF的输入参数来计算第二完整性密钥,例如:Kintegrity=KDF(IK,algorithm type distinguisher2,integrity algorithm id),其中IK为第一完整性密钥,algorithm type distinguisher2为第二算法类型指示,integrity algorithm id为SGSN所选择的的完整性算法的标识。Specifically, the SGSN may calculate the second integrity by using the first integrity key IK, the second algorithm type indicating algorithm type distinguisher2, and the identifier integrity algorithm id of the selected integrity algorithm as input parameters of the key derivation function KDF. The key, for example, K integrity = KDF (IK, algorithm type distinguished er2, integrity algorithm id), where IK is the first integrity key, the algorithm type distinguisher er2 is the second algorithm type indication, and the integrity algorithm id is selected by the SGSN. The identity of the integrity algorithm.
可选地,若GPRS系统需要64位的第二完整性密钥,可以从计算出的Kintegrity中取最高64位作为第二完整性密钥;若GPRS系统需要128位的第二完整性密钥,可以从计算出的Kintegriy中取最高128位作为第二完整性密钥。在其他可行的实施方式中,也可以从计算出的Kintegrity中任意选出所需位数作为第二完整性密钥,本申请对此不做限定。Optionally, if the GPRS system requires a 64-bit second integrity key, a maximum of 64 bits may be taken from the calculated K integrity as a second integrity key; if the GPRS system requires a 128-bit second integrity key The key can take up to 128 bits from the calculated K integriy as the second integrity key. In other possible implementations, the required number of bits can be arbitrarily selected as the second integrity key from the calculated K integrity , which is not limited in this application.
本申请实施例中,第一算法类型指示用于指示当前参与运算的算法为加密类型的算法,第二算法类型指示用于指示当前参与运算的算法为完整性类型的算法,第一算法类型指示和第二算法类型指示的取值不相同。在一些可行的实施例中,第一算法类型指示和第二算法类型指示可包含相同的IE,两者通过IE的取值不同来区分。例如,第一算法类型指示和第二算法类型指示的IE均为algorithm type distinguisher,当algorithm type distinguisher=00时,指示加密类型的算法,当algorithm type distinguisher=01时,指示完整性类型的算法。In the embodiment of the present application, the first algorithm type indication is used to indicate that the algorithm currently participating in the operation is an encryption type algorithm, and the second algorithm type indication is used to indicate that the algorithm currently participating in the operation is an integrity type algorithm, and the first algorithm type indication The value indicated by the second algorithm type is different. In some feasible embodiments, the first algorithm type indication and the second algorithm type indication may include the same IE, and the two are distinguished by different values of the IE. For example, the first algorithm type indication and the IE indicated by the second algorithm type are both an algorithm type distinguisher er. When the algorithm type distinguishes er=00, an algorithm indicating an encryption type, when the algorithm type distinguishes er=01, an algorithm indicating the integrity type.
在一些可能的情况中,加密算法和完整性算法可能采用相同的标识,此时需要结合算法类型指示来唯一区分各个算法。例如,假设128-EEA1算法和128-EIA1均以1作为算法标识,当SGSN选择的加密算法和完整性算法分别为128-EEA1算法和128-EIA1算法时,通过第一算法类型指示和第二算法类型指示的不同取值可以区分128-EEA1算法和128-EIA1算法,同时可以使计算出来的第二加密密钥和第二完整性密钥的值不相同,以区分第二加密密钥和第二完整性密钥。In some possible cases, the encryption algorithm and the integrity algorithm may adopt the same identifier, and in this case, the algorithm type indication is needed to uniquely distinguish each algorithm. For example, suppose that both the 128-EEA1 algorithm and the 128-EIA1 are identified by an algorithm. When the encryption algorithm and the integrity algorithm selected by the SGSN are the 128-EEA1 algorithm and the 128-EIA1 algorithm, respectively, the first algorithm type indicates and the second The different values indicated by the algorithm type can distinguish the 128-EEA1 algorithm and the 128-EIA1 algorithm, and can make the calculated values of the second encryption key and the second integrity key different to distinguish the second encryption key and Second integrity key.
S407,所述SGSN将所选择的加密算法和完整性算法发送给所述UE。S407. The SGSN sends the selected encryption algorithm and integrity algorithm to the UE.
具体实施中,SGSN在将选择的加密算法和完整性算法发送给UE的同时,还可以将认证向量中的随机数RAND和认证令牌AUTN发送给UE,UE可以根据认证令牌AUTN对SGSN侧进行认证,即实现UE侧对网络侧的鉴 权,还可以根据接收到的随机数RAND和认证令牌AUTN,利用f1-f5算法计算出第一加密密钥CK和第一完整性密钥IK。In a specific implementation, the SGSN may send the selected encryption algorithm and the integrity algorithm to the UE, and may also send the random number RAND and the authentication token AUTN in the authentication vector to the UE, and the UE may use the authentication token AUTN to the SGSN side. Perform authentication, that is, implement the UE side to the network side The weight may also calculate the first encryption key CK and the first integrity key IK by using the f1-f5 algorithm according to the received random number RAND and the authentication token AUTN.
具体实施中,步骤S407将SGSN选择的加密算法和完整性算法发送给所述UE和步骤S405、S406中计算第二加密密钥、第二完整性密钥的顺序不分先后。In a specific implementation, step S407 sends the encryption algorithm and the integrity algorithm selected by the SGSN to the UE, and the steps of calculating the second encryption key and the second integrity key in steps S405 and S406 are in no particular order.
为了对SGSN和UE之间的通信消息进行保护,需要SGSN和UE双方使用约定的密钥(即第二加密密钥和第二完整性密钥)和算法(即SGSN选择的加密算法和完整性算法)对通信消息进行加密,因此,SGSN选择了一种加密算法和一种完整性算法之后,需要将所选择的加密算法和完整性算法发送给UE,使得UE根据第一加密密钥CK和第一完整性密钥IK计算第二加密密钥和第二完整性密钥之后,与SGSN采用的相同的加密算法和完整性算法、以及第二加密密钥和第二完整性密钥对通信消息进行加密。In order to protect the communication message between the SGSN and the UE, both the SGSN and the UE need to use the agreed key (ie, the second encryption key and the second integrity key) and the algorithm (ie, the encryption algorithm and integrity selected by the SGSN). The algorithm encrypts the communication message. Therefore, after the SGSN selects an encryption algorithm and an integrity algorithm, the selected encryption algorithm and the integrity algorithm need to be sent to the UE, so that the UE according to the first encryption key CK and After the first integrity key IK calculates the second encryption key and the second integrity key, the same encryption algorithm and integrity algorithm used by the SGSN, and the second encryption key and the second integrity key pair are communicated. The message is encrypted.
本申请实施例中,SGSN接收UE发送的请求消息,在确定UE为第一类型UE后,选择一种加密算法和一种完整性算法,从HLR/HSS获取认证向量,根据认证向量中包含的第一加密密钥和第一完整性密钥,获得增强的第二加密密钥和第二完整性密钥,并将所选择的加密算法和完整性算法发送给UE,使UE计算第二加密密钥和第二完整性密钥,通过第二加密密钥和第二完整性密钥对SGSN和UE之间的通信消息进行加密保护和完整性保护,增强第一类型UE在GPRS网络中通信的安全性。In the embodiment of the present application, the SGSN receives the request message sent by the UE, and after determining that the UE is the first type of UE, selects an encryption algorithm and an integrity algorithm, and obtains an authentication vector from the HLR/HSS, according to the authentication vector. Obtaining the second encryption key and the first integrity key, obtaining the enhanced second encryption key and the second integrity key, and transmitting the selected encryption algorithm and integrity algorithm to the UE, so that the UE calculates the second encryption The key and the second integrity key perform encryption protection and integrity protection on the communication message between the SGSN and the UE through the second encryption key and the second integrity key, and enhance communication of the first type UE in the GPRS network Security.
请参阅图5,图5是本申请提供的GPRS系统密钥增强的方法的又一实施例的流程示意图。如图5所示,该方法可包括如下步骤:Please refer to FIG. 5. FIG. 5 is a schematic flowchart diagram of still another embodiment of a method for key enhancement of a GPRS system provided by the present application. As shown in FIG. 5, the method may include the following steps:
S501,SGSN接收UE发送的请求消息。S501. The SGSN receives the request message sent by the UE.
S502,所述SGSN从HLR/HSS获取认证向量,所述认证向量包含第一加密密钥和第一完整性密钥。S502. The SGSN acquires an authentication vector from an HLR/HSS, where the authentication vector includes a first encryption key and a first integrity key.
本申请实施例中,步骤S501-S502的具体实施方式可参阅图1所示实施例的步骤S101-S102,在此不赘述。For the specific implementation of the steps S501-S502 in the embodiment of the present application, reference may be made to the steps S101-S102 of the embodiment shown in FIG. 1 , and details are not described herein.
S503,所述SGSN确定所述UE为第一类型UE。S503. The SGSN determines that the UE is a first type of UE.
S504,所述SGSN为所述UE选择一种加密算法和一种完整性算法。S504. The SGSN selects an encryption algorithm and an integrity algorithm for the UE.
本申请实施例中,步骤S503-S504的具体实施方式可参阅图3所示实施例 的步骤S303-S304,在此不赘述。In the embodiment of the present application, the specific implementation manners of steps S503-S504 can refer to the embodiment shown in FIG. 3. Steps S303-S304 are not described herein.
S505,所述SGSN将所述第一加密密钥或者所述第一加密密钥的预设比特位作为第二加密密钥。S505. The SGSN uses the first encryption key or a preset bit of the first encryption key as a second encryption key.
在一些可行的实施方式中,第一加密密钥为128位密钥,GPRS系统所需的第二加密密钥也为128位密钥,则可以直接将第一加密密钥作为第二加密密钥;若GPRS系统所需的第二加密密钥为64位密钥,则可从第一加密密钥中选取64个预设比特位作为第二加密密钥,例如选取最高64位作为第二加密密钥。In some possible implementations, the first encryption key is a 128-bit key, and the second encryption key required by the GPRS system is also a 128-bit key, and the first encryption key can be directly used as the second encryption key. Key; if the second encryption key required by the GPRS system is a 64-bit key, 64 preset bits may be selected from the first encryption key as the second encryption key, for example, selecting the highest 64 bits as the second key Encryption key.
S506,所述SGSN将所述第一完整性密钥或者所述第一完整性密钥的预设比特位作为第二完整性密钥。S506. The SGSN uses the first integrity key or a preset bit of the first integrity key as a second integrity key.
在一些可行的实施方式中,第一完整性密钥为128位密钥,GPRS系统所需的第二完整性密钥也为128位密钥,则可以直接将第一完整性密钥作为第二完整性密钥;若GPRS系统所需的第二完整性密钥为64位密钥,则可从第一完整性密钥中选取64个预设比特位作为第二完整性密钥,例如选取最高64位作为第二完整性密钥。In some possible implementations, the first integrity key is a 128-bit key, and the second integrity key required by the GPRS system is also a 128-bit key, and the first integrity key can be directly used as the first a second integrity key; if the second integrity key required by the GPRS system is a 64-bit key, 64 preset bits may be selected from the first integrity key as the second integrity key, for example The highest 64 bits are selected as the second integrity key.
本申请实施例中,根据第二加密密钥和SGSN选择的加密算法,可以对通信消息进行加密,生成消息密文;根据第二完整性密钥和SGSN选择的完整性算法,可以计算得到消息鉴权码MAC,消息鉴权码MAC可用于验证通信消息的完整性。In the embodiment of the present application, according to the second encryption key and the encryption algorithm selected by the SGSN, the communication message may be encrypted to generate a message ciphertext; and the message may be calculated according to the second integrity key and the integrity algorithm selected by the SGSN. The authentication code MAC, the message authentication code MAC, can be used to verify the integrity of the communication message.
S507,所述SGSN将所选择的加密算法和完整性算法发送给所述UE。S507. The SGSN sends the selected encryption algorithm and integrity algorithm to the UE.
具体实施中,SGSN在将选择的加密算法和完整性算法发送给UE的同时,还可以将认证向量中的随机数RAND和认证令牌AUTN发送给UE,UE可以根据认证令牌AUTN对SGSN侧进行认证,即实现UE侧对网络侧的鉴权,还可以根据接收到的随机数RAND和认证令牌AUTN,利用f1-f5算法计算出第一加密密钥CK和第一完整性密钥IK。In a specific implementation, the SGSN may send the selected encryption algorithm and the integrity algorithm to the UE, and may also send the random number RAND and the authentication token AUTN in the authentication vector to the UE, and the UE may use the authentication token AUTN to the SGSN side. The authentication is performed, that is, the UE side authenticates the network side, and the first encryption key CK and the first integrity key IK are calculated by using the f1-f5 algorithm according to the received random number RAND and the authentication token AUTN. .
具体实施中,步骤S507将SGSN选择的加密算法和完整性算法发送给所述UE和步骤S505、S506的顺序不分先后。In a specific implementation, step S507 sends the encryption algorithm and the integrity algorithm selected by the SGSN to the UE, and the sequence of steps S505 and S506 is in no particular order.
为了对SGSN和UE之间的通信消息进行保护,需要SGSN和UE双方使用约定的密钥(即第二加密密钥和第二完整性密钥)和算法(即SGSN选择的 加密算法和完整性算法)对通信消息进行加密,因此,SGSN选择了一种加密算法和一种完整性算法之后,需要将所选择的加密算法和完整性算法发送给UE,使得UE根据第一加密密钥CK和第一完整性密钥IK计算第二加密密钥和第二完整性密钥之后,与SGSN采用的相同的加密算法和完整性算法、以及以及第二加密密钥和第二完整性密钥对通信消息进行加密。In order to protect the communication message between the SGSN and the UE, both the SGSN and the UE need to use the agreed key (ie, the second encryption key and the second integrity key) and the algorithm (ie, the SGSN selects The encryption algorithm and the integrity algorithm) encrypt the communication message. Therefore, after the SGSN selects an encryption algorithm and an integrity algorithm, the selected encryption algorithm and the integrity algorithm need to be sent to the UE, so that the UE is based on the first After the encryption key CK and the first integrity key IK calculate the second encryption key and the second integrity key, the same encryption algorithm and integrity algorithm as used by the SGSN, and the second encryption key and the second The integrity key encrypts the communication message.
本申请实施例中,SGSN接收UE发送的请求消息,在确定UE为第一类型UE后,选择一种加密算法和一种完整性算法,从HLR/HSS获取认证向量,根据认证向量中包含的第一加密密钥和第一完整性密钥,获得增强的第二加密密钥和第二完整性密钥,并将所选择的加密算法和完整性算法发送给UE,使UE在计算第二加密密钥和第二完整性密钥之后,SGSN和UE双方可通过第二加密密钥和第二完整性密钥、SGSN选择的加密算法和完整性算法来对SGSN和UE之间的通信消息进行加密保护和完整性保护,增强第一类型UE在GPRS网络中通信的安全性。In the embodiment of the present application, the SGSN receives the request message sent by the UE, and after determining that the UE is the first type of UE, selects an encryption algorithm and an integrity algorithm, and obtains an authentication vector from the HLR/HSS, according to the authentication vector. Obtaining the second encryption key and the second integrity key, obtaining the enhanced second encryption key and the second integrity key, and transmitting the selected encryption algorithm and integrity algorithm to the UE, so that the UE is calculating the second After the encryption key and the second integrity key, both the SGSN and the UE can communicate the communication message between the SGSN and the UE by using the second encryption key and the second integrity key, the encryption algorithm and the integrity algorithm selected by the SGSN. Encryption protection and integrity protection are performed to enhance the security of communication of the first type of UE in the GPRS network.
请参阅图6,图6是本申请提供的GPRS系统密钥增强的方法的又一实施例的流程示意图。如图6所示,该方法可包括如下步骤:Please refer to FIG. 6. FIG. 6 is a schematic flowchart diagram of still another embodiment of a method for key enhancement of a GPRS system provided by the present application. As shown in FIG. 6, the method may include the following steps:
S601,UE向SGSN发送请求消息。S601. The UE sends a request message to the SGSN.
具体实施中,UE发送给SGSN的请求消息可以是附着请求消息、路由更新消息或其他消息,例如服务请求消息。SGSN接收UE发送的请求消息后,可获取发送该请求消息的UE的标识。若该UE为第一类型UE,请求消息中可能携带UE类型指示信息。In a specific implementation, the request message sent by the UE to the SGSN may be an attach request message, a route update message, or other message, such as a service request message. After receiving the request message sent by the UE, the SGSN may obtain the identifier of the UE that sends the request message. If the UE is the first type of UE, the request message may carry the UE type indication information.
本申请实施例中,UE通过USIM卡与网络通信,UE的标识可以是USIM卡的IMSI(International Mobile Subscriber Identification Number,国际移动用户识别码)。第一类型UE可包括物联网UE、机器通信(Machine To Machine,M2M)UE或其他高安全性UE。其中物联网UE指的是具备信息传感功能和数据传输功能的用户设备,例如导览机、个人数字助理、条码采集器、数据采集终端和主要用于消费或转账的POS机等。机器通信UE指的是具备联网和通信能力,通过传感器、控制器等来实现“智能”属性,从而能与人、移动网络或其他机器进行信息交流的用户设备。In the embodiment of the present application, the UE communicates with the network through the USIM card, and the identifier of the UE may be an IMSI (International Mobile Subscriber Identification Number) of the USIM card. The first type of UE may include an Internet of Things UE, a Machine To Machine (M2M) UE, or other high security UE. Among them, the Internet of Things (UE) refers to user equipments with information sensing functions and data transmission functions, such as navigation machines, personal digital assistants, bar code collectors, data collection terminals, and POS machines mainly used for consumption or transfer. Machine communication UE refers to a user equipment that has networking and communication capabilities, and realizes "smart" attributes through sensors, controllers, etc., so that information can be exchanged with people, mobile networks or other machines.
本申请实施例以UE为第一类型UE为例进行说明,在一些可行的实施方 式中,所述UE向所述SGSN发送的请求消息中可包含UE类型指示信息,以使所述SGSN根据所述UE类型指示信息判定所述UE为第一类型UE。The embodiment of the present application takes the UE as the first type of UE as an example, and is in some feasible implementations. The request message sent by the UE to the SGSN may include UE type indication information, so that the SGSN determines that the UE is a first type UE according to the UE type indication information.
可选地,UE类型指示信息可通过特定信息元素(Information Element,IE)的存在性来指示UE为第一类型UE,例如,当SGSN接收到HLR/HSS或者UE发送的UE类型指示信息时,若UE类型指示信息中存在某一特定IE,SGSN则可确定UE为第一类型UE,否则可确定UE不是第一类型UE。或者,UE类型指示信息还可通过特定IE的取值来指示UE为第一类型UE,例如,当SGSN接收到HLR/HSS或者UE发送的UE类型指示信息时,若UE类型指示信息中某一特定IE的取值为1,SGSN可确定UE为第一类型UE,若该特定IE的取值为0,则SGSN可确定UE不是第一类型UE。Optionally, the UE type indication information may indicate that the UE is the first type of UE by using the presence of a specific information element (IE), for example, when the SGSN receives the HLR/HSS or the UE type indication information sent by the UE, If a certain IE exists in the UE type indication information, the SGSN may determine that the UE is the first type of UE, and may determine that the UE is not the first type of UE. Alternatively, the UE type indication information may also indicate that the UE is the first type of UE by using the value of the specific IE. For example, when the SGSN receives the HLR/HSS or the UE type indication information sent by the UE, if the UE type indication information is in the UE type indication information, If the value of the specific IE is 1, the SGSN may determine that the UE is the first type of UE. If the value of the specific IE is 0, the SGSN may determine that the UE is not the first type of UE.
具体实施中,UE和SGSN各自配置了一些加密算法和完整性算法,UE向SGSN发送请求消息时,将自身支持的加密算法和完整性算法一并发送给SGSN。In a specific implementation, the UE and the SGSN are respectively configured with some encryption algorithms and integrity algorithms. When the UE sends a request message to the SGSN, the UE sends the encryption algorithm and the integrity algorithm supported by the UE to the SGSN.
S602,所述UE接收所述SGSN发送的加密算法和完整性算法。S602. The UE receives an encryption algorithm and an integrity algorithm sent by the SGSN.
SGSN接收UE的请求消息之后,若确定上述UE是第一类型UE,SGSN从UE支持的加密算法和完整性算法中选择一种SGSN支持的加密算法以及一种SGSN支持的完整性算法。SGSN将选择的加密算法和完整性算法发送给UE,并根据认证向量中的第一加密密钥和第一完整性密钥,获得第二加密密钥和第二完整性密钥。After the SGSN receives the request message of the UE, if it is determined that the UE is the first type of UE, the SGSN selects an encryption algorithm supported by the SGSN and an integrity algorithm supported by the SGSN from the encryption algorithm and the integrity algorithm supported by the UE. The SGSN sends the selected encryption algorithm and integrity algorithm to the UE, and obtains a second encryption key and a second integrity key according to the first encryption key and the first integrity key in the authentication vector.
具体实施中,SGSN在将选择的加密算法和完整性算法发送给UE的同时,还可以将认证向量中的随机数RAND和认证令牌AUTN发送给UE。UE可以根据认证令牌AUTN对SGSN侧进行认证,以实现UE侧对网络侧的鉴权。UE还可以根据接收到的随机数RAND和认证令牌AUTN,利用f1-f5算法计算出第一加密密钥和第一完整性密钥,UE计算出的第一加密密钥和第一完整性密钥与SGSN从HLR/HSS获取的认证向量中的第一加密密钥和第一完整性密钥相同。SGSN向HLR/HSS获取的认证向量为认证向量五元组,其中包括随机数RAND、期望响应XRES、认证令牌AUTN、加密密钥CK和完整性密钥IK。In a specific implementation, the SGSN may send the selected encryption algorithm and the integrity algorithm to the UE, and may also send the random number RAND and the authentication token AUTN in the authentication vector to the UE. The UE can authenticate the SGSN side according to the authentication token AUTN to implement authentication on the network side by the UE side. The UE may further calculate the first encryption key and the first integrity key by using the f1-f5 algorithm according to the received random number RAND and the authentication token AUTN, and the first encryption key and the first integrity calculated by the UE. The key is the same as the first encryption key and the first integrity key in the authentication vector obtained by the SGSN from the HLR/HSS. The authentication vector acquired by the SGSN to the HLR/HSS is an authentication vector quintuple including a random number RAND, an expected response XRES, an authentication token AUTN, an encryption key CK, and an integrity key IK.
本申请实施例中,第一加密密钥为认证向量五元组中的加密密钥CK,第 一完整性密钥为认证向量五元组中的完整性密钥IK。In the embodiment of the present application, the first encryption key is an encryption key CK in the authentication vector quintuple, An integrity key is the integrity key IK in the authentication vector quintuple.
在一些可行的实施方式中,SGSN选择的加密算法和完整性算法可用于和第一加密密钥CK、第一完整性密钥IK一起计算第二加密密钥和第二完整性密钥。此外,根据加密算法和生成的第二加密密钥,可以对通信消息进行加密,生成消息密文;根据完整性算法和生成的第二完整性密钥,可以计算得到消息鉴权码MAC,消息鉴权码MAC可用于验证通信消息的完整性。In some possible implementations, the SGSN selected encryption algorithm and integrity algorithm can be used to calculate the second encryption key and the second integrity key together with the first encryption key CK, the first integrity key IK. In addition, according to the encryption algorithm and the generated second encryption key, the communication message may be encrypted to generate a message ciphertext; according to the integrity algorithm and the generated second integrity key, the message authentication code MAC, the message may be calculated. The authentication code MAC can be used to verify the integrity of the communication message.
可选地,当GPRS网络需要128位的第二加密密钥时,SGSN选择的加密算法可以是128-EEA1算法、128-EEA2算法、128-EEA3算法中任意一种;SGSN选择的完整性算法可以是128-EIA1算法、128-EIA2算法、128-EIA3算法中任意一种。其中128-EEA1算法和128-EIA1算法使用SNOW 3G算法作为核心算法;128-EEA2算法和128-EIA2算法使用AES算法作为核心算法;128-EEA3算法和128-EIA3算法使用ZUC算法(祖冲之算法集)作为核心算法。Optionally, when the GPRS network needs a 128-bit second encryption key, the encryption algorithm selected by the SGSN may be any one of the 128-EEA1 algorithm, the 128-EEA2 algorithm, and the 128-EEA3 algorithm; the integrity algorithm selected by the SGSN. It may be any one of 128-EIA1 algorithm, 128-EIA2 algorithm, and 128-EIA3 algorithm. The 128-EEA1 algorithm and the 128-EIA1 algorithm use the SNOW 3G algorithm as the core algorithm; the 128-EEA2 algorithm and the 128-EIA2 algorithm use the AES algorithm as the core algorithm; the 128-EEA3 algorithm and the 128-EIA3 algorithm use the ZUC algorithm (the Zuchong algorithm set) ) as the core algorithm.
S603,所述UE根据第一加密密钥和第一完整性密钥,获取第二加密密钥和第二完整性密钥。S603. The UE acquires a second encryption key and a second integrity key according to the first encryption key and the first integrity key.
本申请实施例中,第二加密密钥和第二完整性密钥是在第一加密密钥和第一完整性密钥基础上增强的密钥。第二加密密钥和SGSN发送的加密算法用于对SGSN和所述UE之间传输的消息进行机密性保护,第二完整性密钥和SGSN发送的完整性算法用于对SGSN和所述UE之间传输的消息进行完整性保护。In the embodiment of the present application, the second encryption key and the second integrity key are keys enhanced based on the first encryption key and the first integrity key. The second encryption key and the encryption algorithm sent by the SGSN are used to perform confidentiality protection on the message transmitted between the SGSN and the UE, and the integrity algorithm sent by the second integrity key and the SGSN is used for the SGSN and the UE. The messages transmitted between are integrity protected.
可选地,UE可以仅根据第一加密密钥和第一完整性密钥来获取第二加密密钥和第二完整性密钥;或者,可以根据第一加密密钥、第一完整性密钥、SGSN发送的加密算法和完整性算法来获取第二加密密钥和第二完整性密钥。Optionally, the UE may obtain the second encryption key and the second integrity key only according to the first encryption key and the first integrity key; or may be based on the first encryption key, the first integrity key The key, the encryption algorithm sent by the SGSN, and the integrity algorithm acquire the second encryption key and the second integrity key.
获取第二加密密钥和第二完整性密钥之后,为了对SGSN和UE之间的通信消息进行保护,需要SGSN和UE双方使用约定的密钥(即第二加密密钥和第二完整性密钥)和算法(即SGSN发送的加密算法和完整性算法)对通信消息进行加密。After obtaining the second encryption key and the second integrity key, in order to protect the communication message between the SGSN and the UE, the SGSN and the UE are required to use the agreed key (ie, the second encryption key and the second integrity). The key) and the algorithm (ie, the encryption algorithm and integrity algorithm sent by the SGSN) encrypt the communication message.
本申请实施例中,UE向SGSN发送请求消息,接收SGSN发送的加密算法和完整性算法,根据第一加密密钥和第一完整性密钥计算第二加密密钥和第二完整性密钥。SGSN和UE双方可通过第二加密密钥、第二完整性密钥、SGSN向UE发送的加密算法和完整性算法来对UE和SGSN之间的通信消息进行加 密保护和完整性保护,增强第一类型UE在GPRS网络中通信的安全性。In this embodiment, the UE sends a request message to the SGSN, receives an encryption algorithm and an integrity algorithm sent by the SGSN, and calculates a second encryption key and a second integrity key according to the first encryption key and the first integrity key. . Both the SGSN and the UE can add the communication message between the UE and the SGSN by using the second encryption key, the second integrity key, the encryption algorithm and the integrity algorithm sent by the SGSN to the UE. Density protection and integrity protection enhance the security of communication of the first type of UE in the GPRS network.
请参阅图7,图7是本申请提供的GPRS系统密钥增强的方法的又一实施例的流程示意图。如图7所示,该方法可包括如下步骤:Please refer to FIG. 7. FIG. 7 is a schematic flowchart diagram of still another embodiment of a method for key enhancement of a GPRS system provided by the present application. As shown in FIG. 7, the method may include the following steps:
S701,UE向SGSN发送请求消息。S701. The UE sends a request message to the SGSN.
S702,所述UE接收所述SGSN发送的加密算法和完整性算法。S702. The UE receives an encryption algorithm and an integrity algorithm sent by the SGSN.
本申请实施例中,步骤S701-S702的具体实施方式可参阅图6所示实施例的步骤S601-S602,在此不赘述。For the specific implementation of the steps S701-S702 in the embodiment of the present application, reference may be made to the steps S601-S602 of the embodiment shown in FIG. 6, which are not described herein.
S703,所述UE根据第一加密密钥和第一完整性密钥,计算中间密钥。S703. The UE calculates an intermediate key according to the first encryption key and the first integrity key.
其中,UE接收SGSN发送的加密算法和完整性算法的同时,还接收SGSN发送的随机数RAND和认证令牌AUTN。在计算中间密钥之前,可先根据认证令牌AUTN和随机数RAND计算期望鉴权码XMAC,通过比较期望鉴权码XMAC与认证令牌AUTN中的消息鉴权码MAC是否相同来对SGSN侧进行认证。对SGSN侧的认证通过之后,UE根据SGSN发送的随机数RAND和认证令牌AUTN计算出第一加密密钥CK和第一完整性密钥IK,并计算随机数响应RES,以及将随机数响应RES发送给SGSN,以供SGSN侧对UE进行认证。The UE receives the encryption algorithm and the integrity algorithm sent by the SGSN, and also receives the random number RAND and the authentication token AUTN sent by the SGSN. Before calculating the intermediate key, the expected authentication code XMAC may be first calculated according to the authentication token AUTN and the random number RAND, and the SGSN side is compared by comparing whether the expected authentication code XMAC and the message authentication code MAC in the authentication token AUTN are the same. Certify. After the authentication of the SGSN side is passed, the UE calculates the first encryption key CK and the first integrity key IK according to the random number RAND and the authentication token AUTN sent by the SGSN, and calculates a random number response RES, and responds with a random number. The RES is sent to the SGSN for the SGSN side to authenticate the UE.
作为一种可行的实施方式,UE可以对第一加密密钥和第一完整性密钥进行运算,将运算结果作为密钥推衍函数KDF的输入参数来计算中间密钥。例如,中间密钥可以为Km=KDF(CK||IK),其中CK||IK表示对第一加密密钥CK和第一完整性密钥IK进行连接运算。As a feasible implementation manner, the UE may perform operations on the first encryption key and the first integrity key, and use the operation result as an input parameter of the key derivation function KDF to calculate the intermediate key. For example, the intermediate key may be Km=KDF(CK||IK), where CK||IK represents a join operation on the first encryption key CK and the first integrity key IK.
作为另一种可行的实施方式,所述中间密钥可直接采用现有的64位GPRS加密密钥Kc或现有的128位加密密钥Kc128,即可以直接将现有的GPRS加密密钥Kc(64位)作为中间密钥,或直接将现有的Kc128(128位)作为中间密钥。其中Kc和Kc128都是根据CK和IK计算生成的。As another feasible implementation manner, the intermediate key may directly adopt an existing 64-bit GPRS encryption key Kc or an existing 128-bit encryption key Kc128, that is, the existing GPRS encryption key Kc may be directly used. (64-bit) as the intermediate key, or directly use the existing Kc128 (128-bit) as the intermediate key. Kc and Kc128 are generated based on CK and IK calculations.
S704,所述UE根据所述中间密钥或者根据所述中间密钥和加密特征字符串计算第二加密密钥。S704. The UE calculates a second encryption key according to the intermediate key or according to the intermediate key and the encryption feature string.
作为一种可行的实施方式,所述UE可以将所述中间密钥的第一预设比特位作为第二加密密钥。例如,若GPRS系统需要64位的第二加密密钥,则可以直接将所述中间密钥的最高64位作为第二加密密钥;若GPRS系统需要128 位的第二加密密钥,则可以直接将所述中间密钥的最高128位作为第二加密密钥。在其他可选的实施方式中,也可以从所述中间密钥中任意选取所需位数的比特位作为第二加密密钥,本申请对此不做限定。As a possible implementation manner, the UE may use the first preset bit of the intermediate key as the second encryption key. For example, if the GPRS system requires a 64-bit second encryption key, the highest 64 bits of the intermediate key can be directly used as the second encryption key; if the GPRS system requires 128 The second encryption key of the bit can directly use the highest 128 bits of the intermediate key as the second encryption key. In other optional implementations, the bit of the required number of bits may be arbitrarily selected from the intermediate key as the second encryption key, which is not limited in this application.
作为另一种可行的实施方式,所述UE可以根据所述中间密钥和加密特征字符串ciphering计算第二加密密钥。具体实施中,可以将中间密钥和加密特征字符串ciphering作为密钥推衍函数KDF的输入参数来计算第二加密密钥。例如:第二加密密钥可以通过Kcipher=KDF(Km,“ciphering”)计算得到。“ciphering”是加密特征字符串,可以通过编码产生。As another feasible implementation manner, the UE may calculate a second encryption key according to the intermediate key and the encryption feature string ciphering. In a specific implementation, the intermediate key and the encrypted feature string ciphering may be used as input parameters of the key derivation function KDF to calculate the second encryption key. For example, the second encryption key can be calculated by K cipher =KDF(Km, "ciphering"). "ciphering" is an encrypted feature string that can be generated by encoding.
在一些可行的实施方式中,GPRS系统需要128位的第二加密密钥,可以从计算出的中间密钥Km中截取预设的128位(例如最高的128位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二加密密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的128位(例如最高的128位)作为第二加密密钥;或者,可以将中间密钥Kc128作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二加密密钥。In some feasible implementation manners, the GPRS system needs a 128-bit second encryption key, and a preset 128-bit (for example, the highest 128 bits) can be intercepted from the calculated intermediate key Km as a key derivation function KDF. One of the input parameters, the output of the KDF is used as the second encryption key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and the preset is intercepted in the output of the KDF 128 bits (for example, the highest 128 bits) are used as the second encryption key; alternatively, the intermediate key Kc128 can be used as one of the input parameters of the key derivation function KDF, and the output of the key derivation function KDF is used as the second Encryption key.
在一些可行的实施方式中,GPRS系统需要64位的第二加密密钥,可以从计算出的中间密钥Km中截取预设的64位(例如最高的64位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二加密密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的64位(例如最高的64位)作为第二加密密钥;或者,可以将中间密钥Kc(64位)作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二加密密钥。In some feasible implementation manners, the GPRS system requires a 64-bit second encryption key, and a preset 64-bit (for example, the highest 64-bit) can be intercepted from the calculated intermediate key Km as a key derivation function KDF. One of the input parameters, the output of the KDF is used as the second encryption key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and the preset is intercepted in the output of the KDF 64 bits (for example, the highest 64 bits) as the second encryption key; alternatively, the intermediate key Kc (64 bits) can be used as one of the input parameters of the key derivation function KDF, and the key derivation function KDF The output is used as the second encryption key.
S705,所述UE根据所述中间密钥或者根据所述中间密钥和完整性特征字符串计算第二完整性密钥。S705. The UE calculates a second integrity key according to the intermediate key or according to the intermediate key and an integrity feature string.
作为一种可行的实施方式,所述UE可以将所述中间密钥的第二预设比特位作为第二完整性密钥。例如,若GPRS系统需要64位的第二完整性密钥,则可以直接将所述中间密钥的最低64位作为第二完整性密钥;若GPRS系统需要128位的第二完整性密钥,则可以直接将所述中间密钥的最低128位作为第二完整性密钥。可选地,也可以从所述中间密钥中任意选取所需位数的比特 位作为第二完整性密钥,本申请对此不做限定。As a possible implementation manner, the UE may use the second preset bit of the intermediate key as the second integrity key. For example, if the GPRS system requires a 64-bit second integrity key, the lowest 64 bits of the intermediate key can be directly used as the second integrity key; if the GPRS system requires a 128-bit second integrity key Then, the lowest 128 bits of the intermediate key can be directly used as the second integrity key. Optionally, the required number of bits can also be arbitrarily selected from the intermediate key. The bit is used as the second integrity key, which is not limited in this application.
作为另一种可选的实施方式,所述UE可以根据所述中间密钥和完整性特征字符串integrity计算第二完整性密钥。具体实施中,可以将中间密钥和完整性特征字符串integrity作为密钥推衍函数KDF的输入参数来计算第二完整性密钥。例如:第二完整性密钥可以通过Kintegrity=KDF(Km,“integrity”)计算得到。“integrity”是完整性特征字符串,可以通过编码产生。As another optional implementation manner, the UE may calculate a second integrity key according to the intermediate key and the integrity feature string integrity. In a specific implementation, the intermediate key and the integrity feature string integrity may be used as an input parameter of the key derivation function KDF to calculate the second integrity key. For example, the second integrity key can be calculated by K integrity = KDF(Km, "integrity"). "integrity" is an integrity feature string that can be generated by encoding.
在一些可行的实施方式中,GPRS系统需要128位的第二完整性密钥,可以从计算出的中间密钥Km中截取预设的128位(例如最高的128位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二完整性密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的128位(例如最高的128位)作为第二完整性密钥;或者,可以将中间密钥Kc128作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二完整性密钥。In some feasible implementation manners, the GPRS system needs a 128-bit second integrity key, and a preset 128-bit (for example, the highest 128 bits) can be intercepted from the calculated intermediate key Km as a key derivation function. One of the input parameters of the KDF, the output of the KDF is used as the second integrity key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and intercepted in the output of the KDF The preset 128 bits (for example, the highest 128 bits) is used as the second integrity key; or, the intermediate key Kc128 may be used as one of the input parameters of the key derivation function KDF, and the output of the key derivation function KDF is output. As the second integrity key.
在一些可行的实施方式中,GPRS系统需要64位的第二完整性密钥,可以从计算出的中间密钥Km中截取预设的64位(例如最高的64位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二完整性密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的64位(例如最高的64位)作为第二完整性密钥;或者,可以将中间密钥Kc(64位)作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二完整性密钥。In some possible implementations, the GPRS system requires a 64-bit second integrity key, and a preset 64-bit (eg, the highest 64-bit) can be intercepted from the calculated intermediate key Km as a key derivation function. One of the input parameters of the KDF, the output of the KDF is used as the second integrity key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and intercepted in the output of the KDF The preset 64 bits (for example, the highest 64 bits) is used as the second integrity key; or, the intermediate key Kc (64 bits) can be used as one of the input parameters of the key derivation function KDF, and the key is deduced The output of the function KDF acts as the second integrity key.
本申请实施例中,加密特征字符串ciphering和完整性特征字符串integrity用于使计算出来的第二加密密钥和第二完整性密钥不同以便于区分,因此完整性特征字符串integrity可以是任意与加密特征字符串ciphering不一致的字符串。In the embodiment of the present application, the encryption feature string ciphering and the integrity feature string integrity are used to make the calculated second encryption key and the second integrity key different to facilitate differentiation, so the integrity feature string integrity may be Any string that is inconsistent with the ciphering of the encrypted feature string.
本申请实施例中,UE向SGSN发送请求消息,接收SGSN发送的加密算法和完整性算法,根据第一加密密钥和第一完整性密钥计算第二加密密钥和第二完整性密钥。SGSN和UE双方可通过第二加密密钥、第二完整性密钥、SGSN向UE发送的加密算法和完整性算法来对UE和SGSN之间的通信消息进行加密保护和完整性保护,增强第一类型UE在GPRS网络中通信的安全性。 In this embodiment, the UE sends a request message to the SGSN, receives an encryption algorithm and an integrity algorithm sent by the SGSN, and calculates a second encryption key and a second integrity key according to the first encryption key and the first integrity key. . Both the SGSN and the UE can perform encryption protection and integrity protection on the communication message between the UE and the SGSN by using the second encryption key, the second integrity key, and the encryption algorithm and the integrity algorithm sent by the SGSN to the UE. The security of communication of a type of UE in a GPRS network.
请参阅图8,图8是本申请提供的GPRS系统密钥增强的方法的又一实施例的流程示意图。如图8所示,该方法可包括如下步骤:Please refer to FIG. 8. FIG. 8 is a schematic flowchart diagram of still another embodiment of a method for key enhancement of a GPRS system provided by the present application. As shown in FIG. 8, the method may include the following steps:
S801,UE向SGSN发送请求消息。S801. The UE sends a request message to the SGSN.
S802,所述UE接收所述SGSN发送的加密算法和完整性算法。S802. The UE receives an encryption algorithm and an integrity algorithm sent by the SGSN.
S803,所述UE根据第一加密密钥和第一完整性密钥,计算中间密钥。S803. The UE calculates an intermediate key according to the first encryption key and the first integrity key.
本申请实施例中,步骤S801-S803的具体实施方式可参阅图7所示实施例的步骤S701-S703,在此不赘述。For the specific implementation of the steps S801-S803 in the embodiment of the present application, refer to steps S701-S703 of the embodiment shown in FIG. 7, and details are not described herein.
S804,所述UE根据所述中间密钥、第一算法类型指示和所述加密算法的标识,计算第二加密密钥。S804. The UE calculates a second encryption key according to the intermediate key, the first algorithm type indication, and the identifier of the encryption algorithm.
具体实施中,可以将中间密钥、第一算法类型指示和所述加密算法的标识作为密钥推衍函数KDF的输入参数来计算第二加密密钥。例如:第二加密密钥Kcipher可以通过Kcipher=KDF(Km,algorithm type distinguisher1,ciphering algorithm id)计算得到,其中Km为中间密钥,algorithm type distinguisher1为第一算法类型指示,ciphering algorithm id为SGSN所选择的加密算法的标识。In a specific implementation, the intermediate key, the first algorithm type indication, and the identifier of the encryption algorithm may be used as an input parameter of the key derivation function KDF to calculate the second encryption key. For example, the second encryption key K cipher can be calculated by K cipher = KDF (Km, algorithm type distinguished er1, ciphering algorithm id), where Km is an intermediate key, the algorithm type distinguish er1 is the first algorithm type indication, and the ciphering algorithm id is The identifier of the encryption algorithm selected by the SGSN.
在一些可行的实施方式中,GPRS系统需要128位的第二加密密钥,可以从计算出的中间密钥Km中截取预设的128位(例如最高的128位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二加密密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的128位(例如最高的128位)作为第二加密密钥;或者,将中间密钥Kc128作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二加密密钥。In some feasible implementation manners, the GPRS system needs a 128-bit second encryption key, and a preset 128-bit (for example, the highest 128 bits) can be intercepted from the calculated intermediate key Km as a key derivation function KDF. One of the input parameters, the output of the KDF is used as the second encryption key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and the preset is intercepted in the output of the KDF 128 bits (for example, the highest 128 bits) as the second encryption key; or, the intermediate key Kc128 is used as one of the input parameters of the key derivation function KDF, and the output of the key derivation function KDF is used as the second encryption Key.
在一些可行的实施方式中,GPRS系统需要64位的第二加密密钥,可以从计算出的中间密钥Km中截取预设的64位(例如最高的64位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二加密密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的64位(例如最高的64位)作为第二加密密钥;或者,可以将中间密钥Kc(64位)作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二加密密钥。In some feasible implementation manners, the GPRS system requires a 64-bit second encryption key, and a preset 64-bit (for example, the highest 64-bit) can be intercepted from the calculated intermediate key Km as a key derivation function KDF. One of the input parameters, the output of the KDF is used as the second encryption key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and the preset is intercepted in the output of the KDF 64 bits (for example, the highest 64 bits) as the second encryption key; alternatively, the intermediate key Kc (64 bits) can be used as one of the input parameters of the key derivation function KDF, and the key derivation function KDF The output is used as the second encryption key.
S805,所述UE根据所述中间密钥、第二算法类型指示和所述完整性算法 的标识,计算第二完整性密钥。S805. The UE is configured according to the intermediate key, a second algorithm type, and the integrity algorithm. The identity of the second integrity key is calculated.
具体实施中,可以将中间密钥、第二算法类型指示和所述完整性算法的标识作为密钥推衍函数KDF的输入参数来计算第二完整性密钥。例如:第二完整性密钥Kcipher可以通过Kintegrity=KDF(Km,algorithm type distinguisher2,integrity algorithm id)计算得到,其中Km为中间密钥,algorithm type distinguisher2为第二算法类型指示,integrity algorithm id为SGSN所选择的完整性算法的标识。In a specific implementation, the intermediate key, the second algorithm type indication, and the identifier of the integrity algorithm may be used as an input parameter of the key derivation function KDF to calculate the second integrity key. For example, the second integrity key K cipher can be calculated by K integrity = KDF (Km, algorithm type distinguished er2, integrity algorithm id), where Km is the intermediate key, the algorithm type distinguish er2 is the second algorithm type indication, and the integrity algorithm id The identity of the integrity algorithm selected for the SGSN.
在一些可行的实施方式中,GPRS系统需要128位的第二完整性密钥,可以从计算出的中间密钥Km中截取预设的128位(例如最高的128位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二完整性密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的128位(例如最高的128位)作为第二完整性密钥;或者,可以将中间密钥Kc128作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二完整性密钥。In some feasible implementation manners, the GPRS system needs a 128-bit second integrity key, and a preset 128-bit (for example, the highest 128 bits) can be intercepted from the calculated intermediate key Km as a key derivation function. One of the input parameters of the KDF, the output of the KDF is used as the second integrity key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and intercepted in the output of the KDF The preset 128 bits (for example, the highest 128 bits) is used as the second integrity key; or, the intermediate key Kc128 may be used as one of the input parameters of the key derivation function KDF, and the output of the key derivation function KDF is output. As the second integrity key.
在一些可行的实施方式中,GPRS系统需要64位的第二完整性密钥,可以从计算出的中间密钥Km中截取预设的64位(例如最高的64位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二完整性密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的64位(例如最高的64位)作为第二完整性密钥;或者,可以将中间密钥Kc(64位)作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二完整性密钥。In some possible implementations, the GPRS system requires a 64-bit second integrity key, and a preset 64-bit (eg, the highest 64-bit) can be intercepted from the calculated intermediate key Km as a key derivation function. One of the input parameters of the KDF, the output of the KDF is used as the second integrity key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and intercepted in the output of the KDF The preset 64 bits (for example, the highest 64 bits) is used as the second integrity key; or, the intermediate key Kc (64 bits) can be used as one of the input parameters of the key derivation function KDF, and the key is deduced The output of the function KDF acts as the second integrity key.
本申请实施例中,第一算法类型指示用于指示当前参与运算的算法为加密类型的算法,第二算法类型指示用于指示当前参与运算的算法为完整性类型的算法,第一算法类型指示和第二算法类型指示的取值不相同。在一些可行的实施例中,第一算法类型指示和第二算法类型指示可包含相同的IE,两者通过IE的取值不同来区分。例如,第一算法类型指示和第二算法类型指示的IE均为algorithm type distinguisher,当algorithm type distinguisher=00时,指示加密类型的算法,当algorithm type distinguisher=01时,指示完整性类型的算法。In the embodiment of the present application, the first algorithm type indication is used to indicate that the algorithm currently participating in the operation is an encryption type algorithm, and the second algorithm type indication is used to indicate that the algorithm currently participating in the operation is an integrity type algorithm, and the first algorithm type indication The value indicated by the second algorithm type is different. In some feasible embodiments, the first algorithm type indication and the second algorithm type indication may include the same IE, and the two are distinguished by different values of the IE. For example, the first algorithm type indication and the IE indicated by the second algorithm type are both an algorithm type distinguisher er. When the algorithm type distinguishes er=00, an algorithm indicating an encryption type, when the algorithm type distinguishes er=01, an algorithm indicating the integrity type.
在一些可能的情况中,加密算法和完整性算法可能采用相同的标识,此时 需要结合算法类型指示来唯一区分各个算法。例如,假设128-EEA1算法和128-EIA1均以1作为算法标识,当SGSN选择的加密算法和完整性算法分别为128-EEA1算法和128-EIA1算法时,通过第一算法类型指示和第二算法类型指示中IE的不同取值可以区分128-EEA1算法和128-EIA1算法,同时可以使计算出来的第二加密密钥和第二完整性密钥的值不相同,以区分第二加密密钥和第二完整性密钥。In some possible cases, the encryption algorithm and the integrity algorithm may use the same identity. The algorithm type indication needs to be combined to uniquely distinguish each algorithm. For example, suppose that both the 128-EEA1 algorithm and the 128-EIA1 are identified by an algorithm. When the encryption algorithm and the integrity algorithm selected by the SGSN are the 128-EEA1 algorithm and the 128-EIA1 algorithm, respectively, the first algorithm type indicates and the second Different values of the IE in the algorithm type indication may distinguish the 128-EEA1 algorithm and the 128-EIA1 algorithm, and may cause the calculated values of the second encryption key and the second integrity key to be different to distinguish the second encryption key. Key and second integrity key.
本申请实施例中,UE向SGSN发送请求消息,接收SGSN发送的加密算法和完整性算法,根据第一加密密钥和第一完整性密钥获取第二加密密钥和第二完整性密钥。SGSN和UE双方可通过第二加密密钥、第二完整性密钥、SGSN向UE发送的加密算法和完整性算法来对UE和SGSN之间的通信消息进行加密保护和完整性保护,增强第一类型UE在GPRS网络中通信的安全性。In this embodiment, the UE sends a request message to the SGSN, receives an encryption algorithm and an integrity algorithm sent by the SGSN, and acquires a second encryption key and a second integrity key according to the first encryption key and the first integrity key. . Both the SGSN and the UE can perform encryption protection and integrity protection on the communication message between the UE and the SGSN by using the second encryption key, the second integrity key, and the encryption algorithm and the integrity algorithm sent by the SGSN to the UE. The security of communication of a type of UE in a GPRS network.
请参阅图9,图9是本申请提供的GPRS系统密钥增强的方法的又一实施例的流程示意图。如图9所示,该方法可包括如下步骤:Please refer to FIG. 9. FIG. 9 is a schematic flowchart diagram of still another embodiment of a method for key enhancement of a GPRS system provided by the present application. As shown in FIG. 9, the method may include the following steps:
S901,UE向SGSN发送请求消息。S901. The UE sends a request message to the SGSN.
S902,所述UE接收所述SGSN发送的加密算法和完整性算法。S902. The UE receives an encryption algorithm and an integrity algorithm sent by the SGSN.
本申请实施例中,步骤S901-S902的具体实施方式可参阅图6所示实施例的步骤S601-S602,在此不赘述。For the specific implementation of the steps S901-S902 in the embodiment of the present application, reference may be made to the steps S601-S602 of the embodiment shown in FIG. 6, which are not described herein.
S903,所述UE根据第一加密密钥、第一算法类型指示和所述加密算法的标识计算第二加密密钥。S903. The UE calculates a second encryption key according to the first encryption key, the first algorithm type indication, and the identifier of the encryption algorithm.
其中,UE接收SGSN发送的加密算法和完整性算法的同时,还接收SGSN发送的随机数RAND和认证令牌AUTN。在计算第二加密密钥或第二完整性密钥之前,UE可先根据认证令牌AUTN和随机数RAND计算期望鉴权码XMAC,通过比较期望鉴权码XMAC与认证令牌AUTN中的消息鉴权码MAC是否相同来对SGSN侧进行认证。对SGSN侧的认证通过之后,UE根据SGSN发送的随机数RAND和认证令牌AUTN计算出第一加密密钥CK和第一完整性密钥IK,并计算随机数响应RES,以及将随机数响应RES发送给SGSN,以供SGSN侧对UE进行认证。The UE receives the encryption algorithm and the integrity algorithm sent by the SGSN, and also receives the random number RAND and the authentication token AUTN sent by the SGSN. Before calculating the second encryption key or the second integrity key, the UE may first calculate the expected authentication code XMAC according to the authentication token AUTN and the random number RAND by comparing the expected authentication code XMAC with the message in the authentication token AUTN. Whether the authentication code MAC is the same to authenticate the SGSN side. After the authentication of the SGSN side is passed, the UE calculates the first encryption key CK and the first integrity key IK according to the random number RAND and the authentication token AUTN sent by the SGSN, and calculates a random number response RES, and responds with a random number. The RES is sent to the SGSN for the SGSN side to authenticate the UE.
具体地,UE可以将第一加密密钥、第一算法类型指示和所选择的加密算法的标识作为密钥推衍函数KDF的输入参数来计算第二加密密钥,例如: Kcipher=KDF(CK,algorithm type distinguisher1,ciphering algorithm id),其中CK为第一加密密钥,algorithm type distinguisher1为第一算法类型指示,ciphering algorithm id为SGSN所选择的的加密算法的标识。Specifically, the UE may calculate the second encryption key by using the first encryption key, the first algorithm type indication, and the identifier of the selected encryption algorithm as input parameters of the key derivation function KDF, for example: K cipher =KDF( CK, algorithm type distinguisher er1, ciphering algorithm id), where CK is the first encryption key, the algorithm type distinguisher er1 is the first algorithm type indication, and the ciphering algorithm id is the identifier of the encryption algorithm selected by the SGSN.
可选地,若GPRS系统需要64位的第二加密密钥,可以从计算出的Kcipher中取最高64位作为第二加密密钥;若GPRS系统需要128位的第二加密密钥,可以从计算出的Kcipher中取最高128位作为第二加密密钥。在其他可行的实施方式中,也可以从计算出的Kcipher中任意选出所需位数作为第二加密密钥,本申请对此不做限定。Optionally, if the GPRS system requires a 64-bit second encryption key, the highest 64 bits may be taken from the calculated K cipher as the second encryption key; if the GPRS system requires a 128-bit second encryption key, The highest 128 bits are taken from the calculated K cipher as the second encryption key. In other possible implementations, the required number of bits can be arbitrarily selected as the second encryption key from the calculated K cipher , which is not limited in this application.
S904,所述UE根据第一完整性密钥、第二算法类型指示和所述完整性算法的标识,计算第二完整性密钥。S904. The UE calculates a second integrity key according to the first integrity key, the second algorithm type indication, and the identifier of the integrity algorithm.
具体地,UE可以将第一完整性密钥IK、第二算法类型指示algorithm type distinguisher2和所选择的完整性算法的标识integrity algorithm id作为密钥推衍函数KDF的输入参数来计算第二完整性密钥,例如:Kintegrity=KDF(IK,algorithm type distinguisher2,integrity algorithm id),其中IK为第一完整性密钥,algorithm type distinguisher2为第二算法类型指示,integrity algorithm id为SGSN所选择的的完整性算法的标识。Specifically, the UE may calculate the second integrity by using the first integrity key IK, the second algorithm type indicating algorithm type distinguisher2, and the identifier integrity algorithm id of the selected integrity algorithm as input parameters of the key derivation function KDF. The key, for example, K integrity = KDF (IK, algorithm type distinguished er2, integrity algorithm id), where IK is the first integrity key, the algorithm type distinguisher er2 is the second algorithm type indication, and the integrity algorithm id is selected by the SGSN. The identity of the integrity algorithm.
可选地,若GPRS系统需要64位的第二完整性密钥,可以从计算出的Kintegrity中取最高64位作为第二完整性密钥;若GPRS系统需要128位的第二完整性密钥,可以从计算出的Kintegrity中取最高128位作为第二完整性密钥。在其他可行的实施方式中,也可以从计算出的Kintegrity中任意选出所需位数作为第二加密密钥,本申请对此不做限定。Optionally, if the GPRS system requires a 64-bit second integrity key, a maximum of 64 bits may be taken from the calculated K integrity as a second integrity key; if the GPRS system requires a 128-bit second integrity key The key can take the highest 128 bits from the calculated K integrity as the second integrity key. In other possible implementations, the required number of bits can be arbitrarily selected as the second encryption key from the calculated K integrity , which is not limited in this application.
本申请实施例中,第一算法类型指示用于指示当前参与运算的算法为加密类型的算法,第二算法类型指示用于指示当前参与运算的算法为完整性类型的算法,第一算法类型指示和第二算法类型指示的取值不相同。在一些可行的实施例中,第一算法类型指示和第二算法类型指示可包含相同的IE,两者通过IE的取值不同来区分。例如,第一算法类型指示和第二算法类型指示的IE均为algorithm type distinguisher,当algorithm type distinguisher=00时,指示加密类型的算法,当algorithm type distinguisher=01时,指示完整性类型的算法。In the embodiment of the present application, the first algorithm type indication is used to indicate that the algorithm currently participating in the operation is an encryption type algorithm, and the second algorithm type indication is used to indicate that the algorithm currently participating in the operation is an integrity type algorithm, and the first algorithm type indication The value indicated by the second algorithm type is different. In some feasible embodiments, the first algorithm type indication and the second algorithm type indication may include the same IE, and the two are distinguished by different values of the IE. For example, the first algorithm type indication and the IE indicated by the second algorithm type are both an algorithm type distinguisher er. When the algorithm type distinguishes er=00, an algorithm indicating an encryption type, when the algorithm type distinguishes er=01, an algorithm indicating the integrity type.
在一些可能的情况中,加密算法和完整性算法可能采用相同的标识,此时 需要结合算法类型指示来唯一区分各个算法。例如,假设128-EEA1算法和128-EIA1均以1作为算法标识,当SGSN选择的加密算法和完整性算法分别为128-EEA1算法和128-EIA1算法时,通过第一算法类型指示和第二算法类型指示的不同取值可以区分128-EEA1算法和128-EIA1算法,同时可以使计算出来的第二加密密钥和第二完整性密钥的值不相同,以区分第二加密密钥和第二完整性密钥。In some possible cases, the encryption algorithm and the integrity algorithm may use the same identity. The algorithm type indication needs to be combined to uniquely distinguish each algorithm. For example, suppose that both the 128-EEA1 algorithm and the 128-EIA1 are identified by an algorithm. When the encryption algorithm and the integrity algorithm selected by the SGSN are the 128-EEA1 algorithm and the 128-EIA1 algorithm, respectively, the first algorithm type indicates and the second The different values indicated by the algorithm type can distinguish the 128-EEA1 algorithm and the 128-EIA1 algorithm, and can make the calculated values of the second encryption key and the second integrity key different to distinguish the second encryption key and Second integrity key.
本申请实施例中,UE向SGSN发送请求消息,接收SGSN发送的加密算法和完整性算法,根据第一加密密钥和第一完整性密钥计算第二加密密钥和第二完整性密钥。SGSN和UE双方可通过第二加密密钥、第二完整性密钥、SGSN向UE发送的加密算法和完整性算法来对UE和SGSN之间的通信消息进行加密保护和完整性保护,增强第一类型UE在GPRS网络中通信的安全性。In this embodiment, the UE sends a request message to the SGSN, receives an encryption algorithm and an integrity algorithm sent by the SGSN, and calculates a second encryption key and a second integrity key according to the first encryption key and the first integrity key. . Both the SGSN and the UE can perform encryption protection and integrity protection on the communication message between the UE and the SGSN by using the second encryption key, the second integrity key, and the encryption algorithm and the integrity algorithm sent by the SGSN to the UE. The security of communication of a type of UE in a GPRS network.
请参阅图10,图10是本申请提供的GPRS系统密钥增强的方法的又一实施例的流程示意图。如图10所示,该方法可包括如下步骤:Please refer to FIG. 10. FIG. 10 is a schematic flowchart diagram of still another embodiment of a method for key enhancement of a GPRS system provided by the present application. As shown in FIG. 10, the method may include the following steps:
S1001,UE向SGSN发送请求消息。S1001: The UE sends a request message to the SGSN.
S1002,所述UE接收所述SGSN发送的加密算法和完整性算法。S1002. The UE receives an encryption algorithm and an integrity algorithm sent by the SGSN.
本申请实施例中,步骤S1001-S1002的具体实施方式可参阅图6所示实施例的步骤S601-S602,在此不赘述。For the specific implementation of the steps S1001-S1002 in the embodiment of the present application, reference may be made to the steps S601-S602 of the embodiment shown in FIG. 6, which are not described herein.
S1003,所述UE将第一加密密钥或者所述第一加密密钥的预设比特位作为第二加密密钥。S1003. The UE uses a first encryption key or a preset bit of the first encryption key as a second encryption key.
其中,UE接收SGSN发送的加密算法和完整性算法的同时,还接收SGSN发送的随机数RAND和认证令牌AUTN。在计算第二加密密钥或第二完整性密钥之前,UE可先根据认证令牌AUTN和随机数RAND计算期望鉴权码XMAC,通过比较期望鉴权码XMAC与认证令牌AUTN中的消息鉴权码MAC是否相同来对SGSN侧进行认证。对SGSN侧的认证通过之后,UE根据SGSN发送的随机数RAND和认证令牌AUTN计算出第一加密密钥CK和第一完整性密钥IK,并计算随机数响应RES,以及将随机数响应RES发送给SGSN,以供SGSN侧对UE进行认证。The UE receives the encryption algorithm and the integrity algorithm sent by the SGSN, and also receives the random number RAND and the authentication token AUTN sent by the SGSN. Before calculating the second encryption key or the second integrity key, the UE may first calculate the expected authentication code XMAC according to the authentication token AUTN and the random number RAND by comparing the expected authentication code XMAC with the message in the authentication token AUTN. Whether the authentication code MAC is the same to authenticate the SGSN side. After the authentication of the SGSN side is passed, the UE calculates the first encryption key CK and the first integrity key IK according to the random number RAND and the authentication token AUTN sent by the SGSN, and calculates a random number response RES, and responds with a random number. The RES is sent to the SGSN for the SGSN side to authenticate the UE.
在一些可行的实施方式中,第一加密密钥为128位密钥,GPRS系统所需的第二加密密钥也为128位密钥,则可以直接将第一加密密钥作为第二加密密 钥;若GPRS系统所需的第二加密密钥为64位密钥,则可从第一加密密钥中选取64个预设比特位作为第二加密密钥,例如选取最高64位作为第二加密密钥。In some possible implementations, the first encryption key is a 128-bit key, and the second encryption key required by the GPRS system is also a 128-bit key, and the first encryption key can be directly used as the second encryption key. Key; if the second encryption key required by the GPRS system is a 64-bit key, 64 preset bits may be selected from the first encryption key as the second encryption key, for example, selecting the highest 64 bits as the second key Encryption key.
S1004,所述UE将第一完整性密钥或者所述第一完整性密钥的预设比特位作为第二完整性密钥。S1004. The UE uses a first integrity key or a preset bit of the first integrity key as a second integrity key.
在一些可行的实施方式中,第一完整性密钥为128位密钥,GPRS系统所需的第二完整性密钥也为128位密钥,则可以直接将第一完整性密钥作为第二完整性密钥;若GPRS系统所需的第二完整性密钥为64位密钥,则可从第一完整性密钥中选取64个预设比特位作为第二完整性密钥,例如选取最高64位作为第二完整性密钥。In some possible implementations, the first integrity key is a 128-bit key, and the second integrity key required by the GPRS system is also a 128-bit key, and the first integrity key can be directly used as the first a second integrity key; if the second integrity key required by the GPRS system is a 64-bit key, 64 preset bits may be selected from the first integrity key as the second integrity key, for example The highest 64 bits are selected as the second integrity key.
本申请实施例中,UE向SGSN发送请求消息,接收SGSN发送的加密算法和完整性算法,根据第一加密密钥和第一完整性密钥计算第二加密密钥和第二完整性密钥。SGSN和UE双方可通过第二加密密钥、第二完整性密钥、SGSN向UE发送的加密算法和完整性算法来对UE和SGSN之间的通信消息进行加密保护和完整性保护,增强第一类型UE在GPRS网络中通信的安全性。In this embodiment, the UE sends a request message to the SGSN, receives an encryption algorithm and an integrity algorithm sent by the SGSN, and calculates a second encryption key and a second integrity key according to the first encryption key and the first integrity key. . Both the SGSN and the UE can perform encryption protection and integrity protection on the communication message between the UE and the SGSN by using the second encryption key, the second integrity key, and the encryption algorithm and the integrity algorithm sent by the SGSN to the UE. The security of communication of a type of UE in a GPRS network.
请参阅图11,图11是本申请提供的GPRS系统密钥增强的方法的又一实施例的流程示意图。如图11所示,该方法可包括如下步骤:Please refer to FIG. 11. FIG. 11 is a schematic flowchart diagram of still another embodiment of a method for key enhancement of a GPRS system provided by the present application. As shown in FIG. 11, the method may include the following steps:
S1101,HLR/HSS接收SGSN发送的UE的标识。S1101: The HLR/HSS receives the identifier of the UE sent by the SGSN.
归属位置寄存器(Home Location Register,HLR)是GPRS系统的永久数据库,存储了管理众多移动用户通信所需的信息,包括已注册的移动用户的身份信息、业务信息、服务授权等静态信息,以及用户的位置信息等动态信息。归属签约系统HSS(Home Subscription System,HSS)是HLR的演进和升级,主要负责管理用户的签约数据及移动用户的位置信息。由于HSS与HLR在网络中功能类似,所存储数据有较多重复,通常对外呈现为HSS与HLR融合设备。本申请实施例中,HLR/HSS可以是HLR设备、HSS设备或HLR和HSS的融合设备。The Home Location Register (HLR) is a permanent database of the GPRS system, which stores information needed to manage the communication of many mobile users, including static information such as registered mobile users' identity information, service information, service authorization, and users. Dynamic information such as location information. The Home Subscription System (HSS) is an evolution and upgrade of the HLR. It is mainly responsible for managing the subscription data of users and the location information of mobile users. Since the HSS and the HLR function similarly in the network, the stored data has more repetitions, and is usually presented as an HSS and HLR fusion device. In the embodiment of the present application, the HLR/HSS may be an HLR device, an HSS device, or a fusion device of an HLR and an HSS.
本申请实施例中,UE通过USIM卡与网络通信,UE的标识可以是USIM卡的IMSI(International Mobile Subscriber Identification Number,国际移动用户识别码)。 In the embodiment of the present application, the UE communicates with the network through the USIM card, and the identifier of the UE may be an IMSI (International Mobile Subscriber Identification Number) of the USIM card.
S1102,所述HLR/HSS根据所述UE的标识确定所述UE为第一类型UE。S1102. The HLR/HSS determines, according to the identifier of the UE, that the UE is a first type of UE.
具体实施中,HLR/HSS存储着众多UE的各种信息,在接收SGSN发送的UE的标识后,HLR/HSS可查询所述UE的相关信息,以确定所述UE是否为第一类型UE。本申请实施例以所述UE为第一类型UE为例进行说明。In a specific implementation, the HLR/HSS stores various information of a plurality of UEs. After receiving the identifier of the UE sent by the SGSN, the HLR/HSS may query related information of the UE to determine whether the UE is a UE of the first type. The embodiment of the present application is described by taking the UE as the first type of UE as an example.
本申请实施例中,第一类型UE可包括物联网UE、机器通信(Machine To Machine,M2M)UE或其他高安全性UE。其中物联网UE指的是具备信息传感功能和数据传输功能的用户设备,例如导览机、个人数字助理、条码采集器、数据采集终端和主要用于消费或转账的POS机等。机器通信UE指的是具备联网和通信能力,通过传感器、控制器等来实现“智能”属性,从而能与人、移动网络或其他机器进行信息交流的用户设备。In the embodiment of the present application, the first type of UE may include an Internet of Things UE, a Machine To Machine (M2M) UE, or other high security UE. Among them, the Internet of Things (UE) refers to user equipments with information sensing functions and data transmission functions, such as navigation machines, personal digital assistants, bar code collectors, data collection terminals, and POS machines mainly used for consumption or transfer. Machine communication UE refers to a user equipment that has networking and communication capabilities, and realizes "smart" attributes through sensors, controllers, etc., so that information can be exchanged with people, mobile networks or other machines.
S1103,所述HLR/HSS向所述SGSN发送UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE。S1103: The HLR/HSS sends UE type indication information to the SGSN, where the UE type indication information is used to indicate that the UE is a first type UE.
可选地,UE类型指示信息可通过特定信息元素(Information Element,IE)的存在性来指示UE为第一类型UE,例如,当SGSN接收到HLR/HSS或者UE发送的UE类型指示信息时,若UE类型指示信息中存在某一特定IE,SGSN则可确定UE为第一类型UE,否则可确定UE不是第一类型UE。或者,UE类型指示信息还可通过特定IE的取值来指示UE为第一类型UE,例如,当SGSN接收到HLR/HSS或者UE发送的UE类型指示信息时,若UE类型指示信息中某一特定IE的取值为1,SGSN可确定UE为第一类型UE,若该特定IE的取值为0,则SGSN可确定UE不是第一类型UE。Optionally, the UE type indication information may indicate that the UE is the first type of UE by using the presence of a specific information element (IE), for example, when the SGSN receives the HLR/HSS or the UE type indication information sent by the UE, If a certain IE exists in the UE type indication information, the SGSN may determine that the UE is the first type of UE, and may determine that the UE is not the first type of UE. Alternatively, the UE type indication information may also indicate that the UE is the first type of UE by using the value of the specific IE. For example, when the SGSN receives the HLR/HSS or the UE type indication information sent by the UE, if the UE type indication information is in the UE type indication information, If the value of the specific IE is 1, the SGSN may determine that the UE is the first type of UE. If the value of the specific IE is 0, the SGSN may determine that the UE is not the first type of UE.
本申请实施例中,HLR/HSS还可以向SGSN发送认证向量,认证向量中包括第一加密密钥和第一完整性密钥。In the embodiment of the present application, the HLR/HSS may also send an authentication vector to the SGSN, where the authentication vector includes a first encryption key and a first integrity key.
在一些可行的实施方式中,上述认证向量可以为认证向量五元组,其中包括随机数RAND、期望响应XRES、认证令牌AUTN、加密密钥CK和完整性密钥IK。第一加密密钥即为认证向量五元组中的加密密钥CK,第一完整性密钥即为认证向量五元组中的完整性密钥IK。In some possible implementations, the above authentication vector may be an authentication vector quintuple including a random number RAND, a desired response XRES, an authentication token AUTN, an encryption key CK, and an integrity key IK. The first encryption key is the encryption key CK in the authentication vector quintuple, and the first integrity key is the integrity key IK in the authentication vector quintuple.
本申请实施例中,HLR/HSS可接收SGSN发送的UE的标识,根据UE的标识确定UE为第一类型UE,并向SGSN发送UE类型指示信息,以指示该UE为第一类型UE,使SGSN可以和第一类型UE之间进行针对第一类型 UE的密钥增强处理,提高第一类型UE在GPRS网络中通信的安全性。In this embodiment, the HLR/HSS may receive the identifier of the UE that is sent by the SGSN, determine that the UE is the first type of UE according to the identifier of the UE, and send the UE type indication information to the SGSN to indicate that the UE is the first type of UE. The SGSN can perform the first type with the first type of UE The key enhancement processing of the UE improves the security of communication of the first type UE in the GPRS network.
请参阅图12,图12是本申请提供的GPRS系统密钥增强的方法的又一实施例的流程示意图。如图12所示,该方法可包括如下步骤:Please refer to FIG. 12. FIG. 12 is a schematic flowchart diagram of still another embodiment of a method for key enhancement of a GPRS system provided by the present application. As shown in FIG. 12, the method may include the following steps:
S1201,UE向SGSN发送请求消息。S1201. The UE sends a request message to the SGSN.
S1202,SGSN将UE的标识发送给HLR/HSS。S1202. The SGSN sends the identifier of the UE to the HLR/HSS.
S1203,HLR/HSS根据UE的标识确定UE为第一类型UE。S1203. The HLR/HSS determines that the UE is the first type of UE according to the identifier of the UE.
S1204,HLR/HSS发送UE类型指示信息和认证向量给SGSN。S1204: The HLR/HSS sends the UE type indication information and the authentication vector to the SGSN.
S1205,SGSN根据UE类型指示信息和UE支持的算法选择加密算法和完整性算法,并获得第二加密密钥和第二完整性密钥。S1205. The SGSN selects an encryption algorithm and an integrity algorithm according to the UE type indication information and an algorithm supported by the UE, and obtains a second encryption key and a second integrity key.
S1206,SGSN向UE发送认证和加密请求,其中包括SGSN选择的加密算法和完整性算法、随机数RAND和认证令牌AUTN。S1206: The SGSN sends an authentication and encryption request to the UE, where the SGSN selects an encryption algorithm and an integrity algorithm, a random number RAND, and an authentication token AUTN.
S1207,UE对SGSN侧进行认证,认证通过后获取第二加密密钥和第二完整性密钥。S1207: The UE performs authentication on the SGSN side, and obtains a second encryption key and a second integrity key after the authentication is passed.
S1208,UE向SGSN发送认证和加密相应RES。S1208: The UE sends an authentication and encryption corresponding RES to the SGSN.
S1209,SGSN验证RES值,对UE侧进行认证。S1209: The SGSN verifies the RES value and performs authentication on the UE side.
本申请实施例中,UE向SGSN发送请求消息,SGSN在判断UE为第一类型UE之后,选择加密算法和完整性算法,UE和SGSN双方根据第一加密密钥和第一完整性密钥,计算增强的第二加密密钥和第二完整性密钥,通过第二加密密钥、第二完整性密钥以及SGSN选择的加密算法和完整性算法对UE和SGSN之间的通信消息进行加密保护和完整性保护,增强第一类型UE在GPRS网络中通信的安全性。In the embodiment of the present application, the UE sends a request message to the SGSN, and after determining that the UE is the first type of UE, the SGSN selects an encryption algorithm and an integrity algorithm, and the UE and the SGSN according to the first encryption key and the first integrity key, Calculating the enhanced second encryption key and the second integrity key, encrypting the communication message between the UE and the SGSN by using the second encryption key, the second integrity key, and an encryption algorithm and an integrity algorithm selected by the SGSN Protection and integrity protection enhances the security of communication of the first type of UE in the GPRS network.
请参阅图13,图13是本申请提供的SGSN设备的一实施例的结构示意图。如图13所示,该SGSN设备可包括接收模块1301、获取模块1302、选择模块1303和获得模块1304,其中:Please refer to FIG. 13. FIG. 13 is a schematic structural diagram of an embodiment of an SGSN device provided by the present application. As shown in FIG. 13, the SGSN device may include a receiving module 1301, an obtaining module 1302, a selecting module 1303, and an obtaining module 1304, where:
接收模块1301,用于接收UE发送的请求消息。The receiving module 1301 is configured to receive a request message sent by the UE.
具体实施中,UE发送给SGSN的请求消息可以是附着请求消息、路由更新消息或其他消息,例如服务请求消息。SGSN接收UE发送的请求消息后,可获取发送该请求消息的UE的标识。若该UE为第一类型UE,请求消息中可能携带UE类型指示信息。 In a specific implementation, the request message sent by the UE to the SGSN may be an attach request message, a route update message, or other message, such as a service request message. After receiving the request message sent by the UE, the SGSN may obtain the identifier of the UE that sends the request message. If the UE is the first type of UE, the request message may carry the UE type indication information.
本申请实施例中,UE通过USIM卡与网络通信,UE的标识可以是USIM卡的IMSI(International Mobile Subscriber Identification Number,国际移动用户识别码)。第一类型UE可包括物联网UE、机器通信(Machine To Machine,M2M)UE或其他高安全性UE。其中物联网UE指的是具备信息传感功能和数据传输功能的用户设备,例如导览机、个人数字助理、条码采集器、数据采集终端和主要用于消费或转账的POS机等。机器通信UE指的是具备联网和通信能力,通过传感器、控制器等来实现“智能”属性,从而能与人、移动网络或其他机器进行信息交流的用户设备。In the embodiment of the present application, the UE communicates with the network through the USIM card, and the identifier of the UE may be an IMSI (International Mobile Subscriber Identification Number) of the USIM card. The first type of UE may include an Internet of Things UE, a Machine To Machine (M2M) UE, or other high security UE. Among them, the Internet of Things (UE) refers to user equipments with information sensing functions and data transmission functions, such as navigation machines, personal digital assistants, bar code collectors, data collection terminals, and POS machines mainly used for consumption or transfer. Machine communication UE refers to a user equipment that has networking and communication capabilities, and realizes "smart" attributes through sensors, controllers, etc., so that information can be exchanged with people, mobile networks or other machines.
获取模块1302,用于从HLR/HSS获取认证向量,所述认证向量包含第一加密密钥和第一完整性密钥。The obtaining module 1302 is configured to obtain an authentication vector from the HLR/HSS, where the authentication vector includes a first encryption key and a first integrity key.
归属位置寄存器(Home Location Register,HLR)是GPRS系统的永久数据库,存储了管理众多移动用户通信所需的信息,包括已注册的移动用户的身份信息、业务信息、服务授权等静态信息,以及用户的位置信息等动态信息。归属签约系统HSS(Home Subscription System,HSS)是HLR的演进和升级,主要负责管理用户的签约数据及移动用户的位置信息。由于HSS与HLR在网络中功能类似,所存储数据有较多重复,通常对外呈现为HSS与HLR融合设备。本申请实施例中,HLR/HSS可以是HLR设备、HSS设备或HLR和HSS的融合设备。The Home Location Register (HLR) is a permanent database of the GPRS system, which stores information needed to manage the communication of many mobile users, including static information such as registered mobile users' identity information, service information, service authorization, and users. Dynamic information such as location information. The Home Subscription System (HSS) is an evolution and upgrade of the HLR. It is mainly responsible for managing the subscription data of users and the location information of mobile users. Since the HSS and the HLR function similarly in the network, the stored data has more repetitions, and is usually presented as an HSS and HLR fusion device. In the embodiment of the present application, the HLR/HSS may be an HLR device, an HSS device, or a fusion device of an HLR and an HSS.
本申请实施例中,SGSN向HLR/HSS获取的认证向量为认证向量五元组,其中包括随机数RAND、期望响应XRES、认证令牌AUTN、加密密钥CK和完整性密钥IK。In the embodiment of the present application, the authentication vector acquired by the SGSN to the HLR/HSS is an authentication vector quintuple, including a random number RAND, an expected response XRES, an authentication token AUTN, an encryption key CK, and an integrity key IK.
本申请实施例中,第一加密密钥为认证向量五元组中的加密密钥CK,第一完整性密钥为认证向量五元组中的完整性密钥IK。In the embodiment of the present application, the first encryption key is an encryption key CK in the authentication vector quintuple, and the first integrity key is an integrity key IK in the authentication vector quintuple.
选择模块1303,用于在所述SGSN确定所述UE为第一类型UE时,为所述UE选择一种加密算法和一种完整性算法,并将所选择的加密算法和完整性算法发送给所述UE。The selecting module 1303 is configured to: when the SGSN determines that the UE is a first type of UE, select an encryption algorithm and an integrity algorithm for the UE, and send the selected encryption algorithm and integrity algorithm to The UE.
在一些可行的实施方式中,SGSN设备还可包括发送模块和第一确定模块(未图示),其中:In some possible implementations, the SGSN device may further include a sending module and a first determining module (not shown), wherein:
发送模块,可用于将所述UE的标识发送给HLR/HSS,以使所述HLR/HSS 根据所述UE的标识判断所述UE是否为第一类型UE,并向所述SGSN发送UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE;a sending module, configured to send the identifier of the UE to the HLR/HSS, so that the HLR/HSS Determining, according to the identifier of the UE, whether the UE is a first type of UE, and sending, to the SGSN, UE type indication information, where the UE type indication information is used to indicate that the UE is a first type UE;
第一确定模块,可用于接收所述HLR/HSS发送的所述UE类型指示信息,确定所述UE为第一类型UE。The first determining module is configured to receive the UE type indication information that is sent by the HLR/HSS, and determine that the UE is a first type of UE.
在一些可行的实施方式中,SGSN设备还可包括第二确定模块(未图示),第二确定模块可用于在所述请求消息包含UE类型指示信息时,确定所述UE为第一类型UE,其中,所述UE类型指示信息用于指示所述UE为第一类型UE。In some possible implementations, the SGSN device may further include a second determining module (not shown), where the second determining module is configured to determine that the UE is a first type of UE when the request message includes UE type indication information. The UE type indication information is used to indicate that the UE is a first type of UE.
在一些可行的实施方式中,SGSN设备也可同时包括发送模块、第一确定模块和第二确定模块。In some feasible implementation manners, the SGSN device may also include a sending module, a first determining module, and a second determining module.
可选地,UE类型指示信息可通过特定信息元素(Information Element,IE)的存在性来指示UE为第一类型UE,例如,当SGSN接收到HLR/HSS或者UE发送的UE类型指示信息时,若UE类型指示信息中存在某一特定IE,SGSN则可确定UE为第一类型UE,否则可确定UE不是第一类型UE。或者,UE类型指示信息还可通过特定IE的取值来指示UE为第一类型UE,例如,当SGSN接收到HLR/HSS或者UE发送的UE类型指示信息时,若UE类型指示信息中某一特定IE的取值为1,SGSN可确定UE为第一类型UE,若该特定IE的取值为0,则SGSN可确定UE不是第一类型UE。Optionally, the UE type indication information may indicate that the UE is the first type of UE by using the presence of a specific information element (IE), for example, when the SGSN receives the HLR/HSS or the UE type indication information sent by the UE, If a certain IE exists in the UE type indication information, the SGSN may determine that the UE is the first type of UE, and may determine that the UE is not the first type of UE. Alternatively, the UE type indication information may also indicate that the UE is the first type of UE by using the value of the specific IE. For example, when the SGSN receives the HLR/HSS or the UE type indication information sent by the UE, if the UE type indication information is in the UE type indication information, If the value of the specific IE is 1, the SGSN may determine that the UE is the first type of UE. If the value of the specific IE is 0, the SGSN may determine that the UE is not the first type of UE.
具体实施中,SGSN可以先从HLR/HSS获取认证向量,再确定UE为第一类型UE;SGSN也可以先确定UE为第一类型UE,再从HLR/HSS获取认证向量。In the specific implementation, the SGSN may first obtain the authentication vector from the HLR/HSS, and then determine that the UE is the first type of UE; the SGSN may also first determine that the UE is the first type of UE, and then obtain the authentication vector from the HLR/HSS.
具体实施中,UE和SGSN各自配置了一些加密算法和完整性算法,UE向SGSN发送请求消息时,将自身支持的加密算法和完整性算法一并发送给SGSN,SGSN收到UE的请求消息时,从UE支持的加密算法和完整性算法中选择一种SGSN支持的加密算法以及一种SGSN支持的完整性算法。In a specific implementation, the UE and the SGSN are respectively configured with some encryption algorithms and integrity algorithms. When the UE sends a request message to the SGSN, the UE sends the encryption algorithm and the integrity algorithm supported by the UE to the SGSN, and the SGSN receives the request message of the UE. An encryption algorithm supported by the SGSN and an integrity algorithm supported by the SGSN are selected from the encryption algorithm and the integrity algorithm supported by the UE.
在一些可行的实施方式中,SGSN选择的加密算法和完整性算法可用于和认证向量中的第一加密密钥、第一完整性密钥一起计算第二加密密钥和第二完整性密钥。此外,根据SGSN选择的加密算法和第二加密密钥,可以对通信消息进行加密,生成消息密文;根据SGSN选择的完整性算法和第二完整性密钥, 可以计算得到消息鉴权码MAC,消息鉴权码MAC可用于验证通信消息的完整性。In some possible implementations, the SGSN selected encryption algorithm and integrity algorithm can be used to calculate the second encryption key and the second integrity key together with the first encryption key and the first integrity key in the authentication vector. . In addition, according to the encryption algorithm selected by the SGSN and the second encryption key, the communication message may be encrypted to generate a message ciphertext; according to the integrity algorithm selected by the SGSN and the second integrity key, The message authentication code MAC can be calculated, and the message authentication code MAC can be used to verify the integrity of the communication message.
可选地,当GPRS网络需要128位的第二加密密钥时,SGSN选择的加密算法可以是128-EEA1算法、128-EEA2算法、128-EEA3算法中任意一种;SGSN选择的完整性算法可以是128-EIA1算法、128-EIA2算法、128-EIA3算法中任意一种。其中128-EEA1算法和128-EIA1算法使用SNOW 3G算法作为核心算法;128-EEA2算法和128-EIA2算法使用AES算法作为核心算法;128-EEA3算法和128-EIA3算法使用ZUC算法(祖冲之算法集)作为核心算法。Optionally, when the GPRS network needs a 128-bit second encryption key, the encryption algorithm selected by the SGSN may be any one of the 128-EEA1 algorithm, the 128-EEA2 algorithm, and the 128-EEA3 algorithm; the integrity algorithm selected by the SGSN. It may be any one of 128-EIA1 algorithm, 128-EIA2 algorithm, and 128-EIA3 algorithm. The 128-EEA1 algorithm and the 128-EIA1 algorithm use the SNOW 3G algorithm as the core algorithm; the 128-EEA2 algorithm and the 128-EIA2 algorithm use the AES algorithm as the core algorithm; the 128-EEA3 algorithm and the 128-EIA3 algorithm use the ZUC algorithm (the Zuchong algorithm set) ) as the core algorithm.
具体实施中,SGSN在将选择的加密算法和完整性算法发送给UE的同时,还可以将认证向量中的随机数RAND和认证令牌AUTN发送给UE,UE可以根据认证令牌AUTN对SGSN侧进行认证,以实现UE侧对网络侧的鉴权,还可以根据接收到的随机数RAND和认证令牌AUTN,利用f1-f5算法计算出第一加密密钥CK和第一完整性密钥IK。In a specific implementation, the SGSN may send the selected encryption algorithm and the integrity algorithm to the UE, and may also send the random number RAND and the authentication token AUTN in the authentication vector to the UE, and the UE may use the authentication token AUTN to the SGSN side. The authentication is performed to implement the authentication of the network side by the UE side, and the first encryption key CK and the first integrity key IK are calculated by using the f1-f5 algorithm according to the received random number RAND and the authentication token AUTN. .
为了对SGSN和UE之间的通信消息进行保护,需要SGSN和UE双方使用约定的密钥(即第二加密密钥和第二完整性密钥)和算法(即SGSN选择的加密算法和完整性算法)对通信消息进行加密,因此,SGSN选择了一种加密算法和一种完整性算法之后,需要将所选择的加密算法和完整性算法发送给UE,使得UE根据第一加密密钥CK和第一完整性密钥IK计算第二加密密钥和第二完整性密钥之后,与SGSN采用相同的加密算法和完整性算法、以及第二加密密钥和第二完整性密钥对通信消息进行加密。In order to protect the communication message between the SGSN and the UE, both the SGSN and the UE need to use the agreed key (ie, the second encryption key and the second integrity key) and the algorithm (ie, the encryption algorithm and integrity selected by the SGSN). The algorithm encrypts the communication message. Therefore, after the SGSN selects an encryption algorithm and an integrity algorithm, the selected encryption algorithm and the integrity algorithm need to be sent to the UE, so that the UE according to the first encryption key CK and After the first integrity key IK calculates the second encryption key and the second integrity key, the same encryption algorithm and integrity algorithm are used with the SGSN, and the second encryption key and the second integrity key pair communication message are used. Encrypt.
获得模块1304,用于根据所述第一加密密钥和所述第一完整性密钥,获得第二加密密钥和第二完整性密钥。The obtaining module 1304 is configured to obtain a second encryption key and a second integrity key according to the first encryption key and the first integrity key.
本申请实施例中,SGSN选择了加密算法和完整性算法之后,根据认证向量中的第一加密密钥和第二加密密钥计算第二加密密钥和第二完整性密钥,其中第一加密密钥为认证向量五元组中的加密密钥CK,第一完整性密钥为认证向量五元组中的完整性密钥IK。第二加密密钥和第二完整性密钥是在第一加密密钥和第一完整性密钥基础上增强的密钥,其中第二加密密钥和SGSN所选择的加密算法可用于对SGSN和所述UE之间传输的消息进行机密性保护;第二完整性密钥和SGSN选择的完整性算法可用于对SGSN和所述UE之间传输 的消息进行完整性保护。In the embodiment of the present application, after the SGSN selects the encryption algorithm and the integrity algorithm, the second encryption key and the second integrity key are calculated according to the first encryption key and the second encryption key in the authentication vector, where the first The encryption key is the encryption key CK in the authentication vector quintuple, and the first integrity key is the integrity key IK in the authentication vector quintuple. The second encryption key and the second integrity key are keys enhanced based on the first encryption key and the first integrity key, wherein the second encryption key and the encryption algorithm selected by the SGSN are available for the SGSN The message transmitted between the UE and the UE is confidentially protected; the second integrity key and the integrity algorithm selected by the SGSN are used to transmit between the SGSN and the UE The message is integrity protected.
可选地,SGSN可以仅根据第一加密密钥和第一完整性密钥来计算第二加密密钥和第二完整性密钥;或者,可以根据第一加密密钥、第一完整性密钥、所选择的加密算法以及所选择的完整性算法来计算第二加密密钥和第二完整性密钥。Optionally, the SGSN may calculate the second encryption key and the second integrity key according to only the first encryption key and the first integrity key; or may be based on the first encryption key, the first integrity key The second encryption key and the second integrity key are calculated by the key, the selected encryption algorithm, and the selected integrity algorithm.
具体实施中,选择模块1303将SGSN选择的加密算法和完整性算法发送给所述UE和获得模块1304根据所述认证向量中的第一加密密钥和第一完整性密钥获得第二加密密钥和第二完整性密钥的顺序可以不分先后。In a specific implementation, the selecting module 1303 sends the encryption algorithm and the integrity algorithm selected by the SGSN to the UE, and the obtaining module 1304 obtains the second encryption key according to the first encryption key and the first integrity key in the authentication vector. The order of the key and the second integrity key may be in no particular order.
本申请实施例中,SGSN接收UE发送的请求消息,在确定UE为第一类型UE后,选择一种加密算法和一种完整性算法,从HLR/HSS获取认证向量,根据认证向量中包含的第一加密密钥和第一完整性密钥,获得增强的第二加密密钥和第二完整性密钥,并将所选择的加密算法和完整性算法发送给UE,使UE在计算第二加密密钥和第二完整性密钥之后,SGSN和UE双方可通过第二加密密钥、第二完整性密钥、SGSN选择的加密算法和完整性算法来对SGSN和UE之间的通信消息进行加密保护和完整性保护,增强第一类型UE在GPRS网络中通信的安全性。In the embodiment of the present application, the SGSN receives the request message sent by the UE, and after determining that the UE is the first type of UE, selects an encryption algorithm and an integrity algorithm, and obtains an authentication vector from the HLR/HSS, according to the authentication vector. Obtaining the second encryption key and the second integrity key, obtaining the enhanced second encryption key and the second integrity key, and transmitting the selected encryption algorithm and integrity algorithm to the UE, so that the UE is calculating the second After the encryption key and the second integrity key, the SGSN and the UE can communicate the communication message between the SGSN and the UE by using the second encryption key, the second integrity key, the encryption algorithm selected by the SGSN, and the integrity algorithm. Encryption protection and integrity protection are performed to enhance the security of communication of the first type of UE in the GPRS network.
下面将结合附图14-附图15,对图13所示的获得模块1304的结构和功能进行详细介绍。The structure and function of the obtaining module 1304 shown in FIG. 13 will be described in detail below with reference to FIGS. 14 to 15.
在一些可行的实施方式中,如图14所示,获得模块1304可包括第一计算单元13041、第二计算单元13042和第三计算单元13043,其中:In some possible implementations, as shown in FIG. 14, the obtaining module 1304 can include a first calculating unit 13041, a second calculating unit 13042, and a third calculating unit 13043, wherein:
第一计算单元13041,用于根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥。The first calculating unit 13041 is configured to calculate an intermediate key according to the first encryption key and the first integrity key.
作为一种可行的实施方式,第一计算单元13041可以对第一加密密钥和第一完整性密钥进行运算,然后将运算结果作为密钥推衍函数KDF的输入参数来计算中间密钥。例如,中间密钥可以为Km=KDF(CK||IK),其中CK||IK表示对第一加密密钥CK和第一完整性密钥IK进行连接运算。As a feasible implementation manner, the first calculating unit 13041 may perform operations on the first encryption key and the first integrity key, and then use the operation result as an input parameter of the key derivation function KDF to calculate the intermediate key. For example, the intermediate key may be Km=KDF(CK||IK), where CK||IK represents a join operation on the first encryption key CK and the first integrity key IK.
作为另一种可行的实施方式,所述中间密钥可直接采用现有的64位GPRS加密密钥Kc或现有的128位加密密钥Kc128,即第一计算单元13041可以直接将现有的GPRS加密密钥Kc(64位)作为中间密钥,或直接将现有的Kc128 (128位)作为中间密钥。其中Kc和Kc128都是根据CK和IK计算生成的。As another feasible implementation manner, the intermediate key may directly adopt an existing 64-bit GPRS encryption key Kc or an existing 128-bit encryption key Kc128, that is, the first calculation unit 13041 may directly use the existing GPRS encryption key Kc (64 bit) as the intermediate key, or directly the existing Kc128 (128 bits) as an intermediate key. Kc and Kc128 are generated based on CK and IK calculations.
第二计算单元13042,用于根据所述中间密钥和加密特征字符串,计算第二加密密钥。The second calculating unit 13042 is configured to calculate a second encryption key according to the intermediate key and the encrypted feature string.
具体实施中,可以将中间密钥和加密特征字符串ciphering作为密钥推衍函数KDF的输入参数来计算第二加密密钥。例如:第二加密密钥可以通过Kcipher=KDF(Km,“ciphering”)计算得到。“ciphering”是加密特征字符串,可以通过编码产生。In a specific implementation, the intermediate key and the encrypted feature string ciphering may be used as input parameters of the key derivation function KDF to calculate the second encryption key. For example, the second encryption key can be calculated by K cipher =KDF(Km, "ciphering"). "ciphering" is an encrypted feature string that can be generated by encoding.
在一些可行的实施方式中,GPRS系统需要128位的第二加密密钥,可以从计算出的中间密钥Km中截取预设的128位(例如最高的128位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二加密密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的128位(例如最高的128位)作为第二加密密钥;或者,将中间密钥Kc128作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二加密密钥。In some feasible implementation manners, the GPRS system needs a 128-bit second encryption key, and a preset 128-bit (for example, the highest 128 bits) can be intercepted from the calculated intermediate key Km as a key derivation function KDF. One of the input parameters, the output of the KDF is used as the second encryption key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and the preset is intercepted in the output of the KDF 128 bits (for example, the highest 128 bits) as the second encryption key; or, the intermediate key Kc128 is used as one of the input parameters of the key derivation function KDF, and the output of the key derivation function KDF is used as the second encryption Key.
在一些可行的实施方式中,GPRS系统需要64位的第二加密密钥,可以从计算出的中间密钥Km中截取预设的64位(例如最高的64位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二加密密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的64位(例如最高的64位)作为第二加密密钥;或者,可以将中间密钥Kc(64位)作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二加密密钥。In some feasible implementation manners, the GPRS system requires a 64-bit second encryption key, and a preset 64-bit (for example, the highest 64-bit) can be intercepted from the calculated intermediate key Km as a key derivation function KDF. One of the input parameters, the output of the KDF is used as the second encryption key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and the preset is intercepted in the output of the KDF 64 bits (for example, the highest 64 bits) as the second encryption key; alternatively, the intermediate key Kc (64 bits) can be used as one of the input parameters of the key derivation function KDF, and the key derivation function KDF The output is used as the second encryption key.
第三计算单元13043,用于根据所述中间密钥和完整性特征字符串计算第二完整性密。The third calculating unit 13043 is configured to calculate a second integrity key according to the intermediate key and the integrity feature string.
具体实施中,可以将中间密钥和完整性特征字符串integrity作为密钥推衍函数KDF的输入参数来计算第二完整性密钥。例如:第二完整性密钥可以通过Kintegrity=KDF(Km,“integrity”)计算得到。“integrity”是完整性特征字符串,可以通过编码产生。In a specific implementation, the intermediate key and the integrity feature string integrity may be used as an input parameter of the key derivation function KDF to calculate the second integrity key. For example, the second integrity key can be calculated by K integrity = KDF(Km, "integrity"). "integrity" is an integrity feature string that can be generated by encoding.
在一些可行的实施方式中,GPRS系统需要128位的第二完整性密钥,可以从计算出的中间密钥Km中截取预设的128位(例如最高的128位)作为密 钥推衍函数KDF的输入参数之一,将根据Km的预设128位计算得到的Kintegrity作为第二完整性密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在计算出的Kintegrity中截取预设的128位(例如最高的128位)作为第二完整性密钥;或者,可以将中间密钥Kc128作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二完整性密钥。In some feasible implementation manners, the GPRS system needs a 128-bit second integrity key, and a preset 128-bit (for example, the highest 128 bits) can be intercepted from the calculated intermediate key Km as a key derivation function. One of the input parameters of the KDF is to use K integrity calculated according to the preset 128 bits of Km as the second integrity key; or, the calculated intermediate key Km can be directly used as the input parameter of the key derivation function KDF. For example, the preset 128 bits (for example, the highest 128 bits) are intercepted as the second integrity key in the calculated K integrity ; or the intermediate key Kc128 may be used as the input parameter of the key derivation function KDF. First, the output of the key derivation function KDF is taken as the second integrity key.
在一些可行的实施方式中,GPRS系统需要64位的第二完整性密钥,可以从计算出的中间密钥Km中截取预设的64位(例如最高的64位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二完整性密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的64位(例如最高的64位)作为第二完整性密钥;或者,可以将中间密钥Kc(64位)作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二完整性密钥。In some possible implementations, the GPRS system requires a 64-bit second integrity key, and a preset 64-bit (eg, the highest 64-bit) can be intercepted from the calculated intermediate key Km as a key derivation function. One of the input parameters of the KDF, the output of the KDF is used as the second integrity key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and intercepted in the output of the KDF The preset 64 bits (for example, the highest 64 bits) is used as the second integrity key; or, the intermediate key Kc (64 bits) can be used as one of the input parameters of the key derivation function KDF, and the key is deduced The output of the function KDF acts as the second integrity key.
本申请实施例中,加密特征字符串ciphering和完整性特征字符串integrity用于使计算出来的第二加密密钥和第二完整性密钥不同以便于区分,因此完整性特征字符串integrity可以是任意与加密特征字符串ciphering不一致的字符串。In the embodiment of the present application, the encryption feature string ciphering and the integrity feature string integrity are used to make the calculated second encryption key and the second integrity key different to facilitate differentiation, so the integrity feature string integrity may be Any string that is inconsistent with the ciphering of the encrypted feature string.
在一些可行的实施方式中,如图14所示,获得模块1304可包括第一计算单元13041、第二计算单元13042和第三计算单元13043,其中:In some possible implementations, as shown in FIG. 14, the obtaining module 1304 can include a first calculating unit 13041, a second calculating unit 13042, and a third calculating unit 13043, wherein:
第一计算单元13041,用于根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥。The first calculating unit 13041 is configured to calculate an intermediate key according to the first encryption key and the first integrity key.
作为一种可行的实施方式,第一计算单元1041可以对第一加密密钥和第一完整性密钥进行运算,然后将运算结果作为密钥推衍函数KDF的输入参数来计算中间密钥。例如,中间密钥可以为Km=KDF(CK||IK),其中CK||IK表示对第一加密密钥CK和第一完整性密钥IK进行连接运算。As a feasible implementation manner, the first calculating unit 1041 may perform operations on the first encryption key and the first integrity key, and then use the operation result as an input parameter of the key derivation function KDF to calculate the intermediate key. For example, the intermediate key may be Km=KDF(CK||IK), where CK||IK represents a join operation on the first encryption key CK and the first integrity key IK.
作为另一种可行的实施方式,第一计算单元1041可以直接将现有的GPRS加密密钥Kc(64位)作为中间密钥,或直接将现有的Kc128(128位)作为中间密钥。其中Kc和Kc128都是根据CK和IK计算生成的。As another feasible implementation manner, the first calculating unit 1041 may directly use the existing GPRS encryption key Kc (64 bits) as an intermediate key, or directly use the existing Kc128 (128 bits) as an intermediate key. Kc and Kc128 are generated based on CK and IK calculations.
第二计算单元13042,用于根据所述中间密钥、第一算法类型指示和所选 择的加密算法的标识,计算所述第二加密密钥。a second calculating unit 13042, configured to select and select according to the intermediate key, the first algorithm type The identifier of the selected encryption algorithm calculates the second encryption key.
具体实施中,第二计算单元1042可以将中间密钥、第一算法类型指示和所选择的加密算法的标识作为密钥推衍函数KDF的输入参数来计算第二加密密钥。例如:第二加密密钥Kcipher可以通过Kcipher=KDF(Km,algorithm type distinguisher1,ciphering algorithm id)计算得到,其中Km为中间密钥,algorithm type distinguisher1为第一算法类型指示,ciphering algorithm id为SGSN所选择的加密算法的标识。In a specific implementation, the second calculating unit 1042 may calculate the second encryption key by using the intermediate key, the first algorithm type indication, and the identifier of the selected encryption algorithm as input parameters of the key derivation function KDF. For example, the second encryption key K cipher can be calculated by K cipher = KDF (Km, algorithm type distinguished er1, ciphering algorithm id), where Km is an intermediate key, the algorithm type distinguish er1 is the first algorithm type indication, and the ciphering algorithm id is The identifier of the encryption algorithm selected by the SGSN.
在一些可行的实施方式中,GPRS系统需要128位的第二加密密钥,可以从计算出的中间密钥Km中截取预设的128位(例如最高的128位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二加密密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的128位(例如最高的128位)作为第二加密密钥;或者,将中间密钥Kc128作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二加密密钥。In some feasible implementation manners, the GPRS system needs a 128-bit second encryption key, and a preset 128-bit (for example, the highest 128 bits) can be intercepted from the calculated intermediate key Km as a key derivation function KDF. One of the input parameters, the output of the KDF is used as the second encryption key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and the preset is intercepted in the output of the KDF 128 bits (for example, the highest 128 bits) as the second encryption key; or, the intermediate key Kc128 is used as one of the input parameters of the key derivation function KDF, and the output of the key derivation function KDF is used as the second encryption Key.
在一些可行的实施方式中,GPRS系统需要64位的第二加密密钥,可以从计算出的中间密钥Km中截取预设的64位(例如最高的64位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二加密密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的64位(例如最高的64位)作为第二加密密钥;或者,可以将中间密钥Kc(64位)作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二加密密钥。In some feasible implementation manners, the GPRS system requires a 64-bit second encryption key, and a preset 64-bit (for example, the highest 64-bit) can be intercepted from the calculated intermediate key Km as a key derivation function KDF. One of the input parameters, the output of the KDF is used as the second encryption key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and the preset is intercepted in the output of the KDF 64 bits (for example, the highest 64 bits) as the second encryption key; alternatively, the intermediate key Kc (64 bits) can be used as one of the input parameters of the key derivation function KDF, and the key derivation function KDF The output is used as the second encryption key.
第三计算单元13043,用于根据所述中间密钥、第二算法类型指示和所选择的完整性算法的标识,计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同。a third calculating unit 13043, configured to calculate, according to the intermediate key, the second algorithm type indication, and the identifier of the selected integrity algorithm, the second integrity key, where the first algorithm type indication and The values indicated by the second algorithm type are different.
具体实施中,第三计算单元13043可以将中间密钥、第二算法类型指示和所选择的完整性算法的标识作为密钥推衍函数KDF的输入参数来计算第二完整性密钥。例如:第二完整性密钥Kcipher可以通过Kintegrity=KDF(Km,algorithm type distinguisher2,integrity algorithm id)计算得到,其中Km为中间密钥,algorithm type distinguisher2为第二算法类型指示,integrity algorithm id为 SGSN所选择的完整性算法的标识。In a specific implementation, the third calculating unit 13043 may calculate the second integrity key by using the intermediate key, the second algorithm type indication, and the identifier of the selected integrity algorithm as input parameters of the key derivation function KDF. For example, the second integrity key K cipher can be calculated by K integrity = KDF (Km, algorithm type distinguished er2, integrity algorithm id), where Km is the intermediate key, the algorithm type distinguish er2 is the second algorithm type indication, and the integrity algorithm id The identity of the integrity algorithm selected for the SGSN.
在一些可行的实施方式中,GPRS系统需要128位的第二完整性密钥,可以从计算出的中间密钥Km中截取预设的128位(例如最高的128位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二完整性密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的128位(例如最高的128位)作为第二完整性密钥;或者,可以将中间密钥Kc128作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二完整性密钥。In some feasible implementation manners, the GPRS system needs a 128-bit second integrity key, and a preset 128-bit (for example, the highest 128 bits) can be intercepted from the calculated intermediate key Km as a key derivation function. One of the input parameters of the KDF, the output of the KDF is used as the second integrity key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and intercepted in the output of the KDF The preset 128 bits (for example, the highest 128 bits) is used as the second integrity key; or, the intermediate key Kc128 may be used as one of the input parameters of the key derivation function KDF, and the output of the key derivation function KDF is output. As the second integrity key.
在一些可行的实施方式中,GPRS系统需要64位的第二完整性密钥,可以从计算出的中间密钥Km中截取预设的64位(例如最高的64位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二完整性密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的64位(例如最高的64位)作为第二完整性密钥;或者,可以将中间密钥Kc(64位)作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二完整性密钥。In some possible implementations, the GPRS system requires a 64-bit second integrity key, and a preset 64-bit (eg, the highest 64-bit) can be intercepted from the calculated intermediate key Km as a key derivation function. One of the input parameters of the KDF, the output of the KDF is used as the second integrity key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and intercepted in the output of the KDF The preset 64 bits (for example, the highest 64 bits) is used as the second integrity key; or, the intermediate key Kc (64 bits) can be used as one of the input parameters of the key derivation function KDF, and the key is deduced The output of the function KDF acts as the second integrity key.
本申请实施例中,第一算法类型指示用于指示当前参与运算的算法为加密类型的算法,第二算法类型指示用于指示当前参与运算的算法为完整性类型的算法。在一些可行的实施例中,第一算法类型指示和第二算法类型指示可包含相同的IE,两者通过IE的取值不同来区分。例如,第一算法类型指示和第二算法类型指示的IE均为algorithm type distinguisher,当algorithm type distinguisher=00时,指示加密类型的算法,当algorithm type distinguisher=01时,指示完整性类型的算法。In the embodiment of the present application, the first algorithm type indicates an algorithm for indicating that the algorithm currently participating in the operation is an encryption type, and the second algorithm type indicates an algorithm for indicating that the algorithm currently participating in the operation is an integrity type. In some feasible embodiments, the first algorithm type indication and the second algorithm type indication may include the same IE, and the two are distinguished by different values of the IE. For example, the first algorithm type indication and the IE indicated by the second algorithm type are both an algorithm type distinguisher er. When the algorithm type distinguishes er=00, an algorithm indicating an encryption type, when the algorithm type distinguishes er=01, an algorithm indicating the integrity type.
在一些可能的情况中,加密算法和完整性算法可能采用相同的标识,此时需要结合算法类型指示来唯一区分各个算法。例如,假设128-EEA1算法和128-EIA1均以1作为算法标识,当SGSN选择的加密算法和完整性算法分别为128-EEA1算法和128-EIA1算法时,通过第一算法类型指示和第二算法类型指示中IE的不同取值可以区分128-EEA1算法和128-EIA1算法,同时可以使计算出来的第二加密密钥和第二完整性密钥的值不相同,以区分第二加密密钥和第二完整性密钥。 In some possible cases, the encryption algorithm and the integrity algorithm may adopt the same identifier, and in this case, the algorithm type indication is needed to uniquely distinguish each algorithm. For example, suppose that both the 128-EEA1 algorithm and the 128-EIA1 are identified by an algorithm. When the encryption algorithm and the integrity algorithm selected by the SGSN are the 128-EEA1 algorithm and the 128-EIA1 algorithm, respectively, the first algorithm type indicates and the second Different values of the IE in the algorithm type indication may distinguish the 128-EEA1 algorithm and the 128-EIA1 algorithm, and may cause the calculated values of the second encryption key and the second integrity key to be different to distinguish the second encryption key. Key and second integrity key.
在一些可行的实施方式中,如图15所示,获得模块1304可包括第四计算单元13044和第五计算单元13045,其中:In some possible implementations, as shown in FIG. 15, the obtaining module 1304 can include a fourth calculating unit 13044 and a fifth calculating unit 13045, where:
第四计算单元13044,用于根据所述第一加密密钥、第一算法类型指示和所选择的加密算法的标识,计算第二加密密钥。The fourth calculating unit 13044 is configured to calculate a second encryption key according to the first encryption key, the first algorithm type indication, and the identifier of the selected encryption algorithm.
具体地,第四计算单元13044可以将第一加密密钥、第一算法类型指示和所选择的加密算法的标识作为密钥推衍函数KDF的输入参数来计算第二加密密钥,例如:Kcipher=KDF(CK,algorithm type distinguisher1,ciphering algorithm id),其中CK为第一加密密钥,algorithm type distinguisher1为第一算法类型指示,ciphering algorithm id为SGSN所选择的的加密算法的标识。Specifically, the fourth calculating unit 13044 may calculate the second encryption key by using the first encryption key, the first algorithm type indication, and the identifier of the selected encryption algorithm as input parameters of the key derivation function KDF, for example: K The cipher is the first encryption type, and the ciphering algorithm id is the identifier of the encryption algorithm selected by the SGSN. The cipher is the first encryption type.
可选地,若GPRS系统需要64位的第二加密密钥,可以从计算出的Kcipher中取最高64位作为第二加密密钥;若GPRS系统需要128位的第二加密密钥,可以从计算出的Kcipher中取最高128位作为第二加密密钥。在其他可行的实施方式中,也可以从计算出的Kcipher中任意选出所需位数作为第二加密密钥,本申请对此不做限定。Optionally, if the GPRS system requires a 64-bit second encryption key, the highest 64 bits may be taken from the calculated K cipher as the second encryption key; if the GPRS system requires a 128-bit second encryption key, The highest 128 bits are taken from the calculated K cipher as the second encryption key. In other possible implementations, the required number of bits can be arbitrarily selected as the second encryption key from the calculated K cipher , which is not limited in this application.
第五计算单元13045,根据所述认证向量中的第一完整性密钥、第二算法类型指示和所选择的完整性算法的标识计算第二完整性密钥。The fifth calculating unit 13045 calculates a second integrity key according to the first integrity key, the second algorithm type indication, and the identifier of the selected integrity algorithm in the authentication vector.
具体地,第五计算单元13045可以将第一完整性密钥、第二算法类型指示和所选择的完整性算法的标识作为密钥推衍函数KDF的输入参数来计算第二完整性密钥,例如:Kintegrity=KDF(IK,algorithm type distinguisher2,integrity algorithm id),其中IK为第一完整性密钥,algorithm type distinguisher2为第二算法类型指示,integrity algorithm id为SGSN所选择的的完整性算法的标识。Specifically, the fifth calculating unit 13045 may calculate the second integrity key by using the identifier of the first integrity key, the second algorithm type indication, and the selected integrity algorithm as an input parameter of the key derivation function KDF, For example: K integrity = KDF (IK, algorithm type distinguisher er2, integrity algorithm id), where IK is the first integrity key, algorithm type distinguish er2 is the second algorithm type indication, and integrity algorithm id is the integrity algorithm selected by the SGSN. Logo.
可选地,若GPRS系统需要64位的第二完整性密钥,可以从计算出的Kintegrity中取最高64位作为第二完整性密钥;若GPRS系统需要128位的第二完整性密钥,可以从计算出的Kintegrity中取最高128位作为第二完整性密钥。在其他可行的实施方式中,也可以从计算出的Kintegrity中任意选出所需位数作为第二完整性密钥,本申请对此不做限定。Optionally, if the GPRS system requires a 64-bit second integrity key, a maximum of 64 bits may be taken from the calculated K integrity as a second integrity key; if the GPRS system requires a 128-bit second integrity key The key can take the highest 128 bits from the calculated K integrity as the second integrity key. In other possible implementations, the required number of bits can be arbitrarily selected as the second integrity key from the calculated K integrity , which is not limited in this application.
本申请实施例中,第一算法类型指示用于指示当前参与运算的算法为加密类型的算法,第二算法类型指示用于指示当前参与运算的算法为完整性类型的算法,第一算法类型指示和第二算法类型指示的取值不相同。在一些可行的实 施例中,第一算法类型指示和第二算法类型指示可包含相同的IE,两者通过IE的取值不同来区分。例如,第一算法类型指示和第二算法类型指示的IE均为algorithm type distinguisher,当algorithm type distinguisher=00时,指示加密类型的算法,当algorithm type distinguisher=01时,指示完整性类型的算法。In the embodiment of the present application, the first algorithm type indication is used to indicate that the algorithm currently participating in the operation is an encryption type algorithm, and the second algorithm type indication is used to indicate that the algorithm currently participating in the operation is an integrity type algorithm, and the first algorithm type indication The value indicated by the second algorithm type is different. In some feasible realities In an embodiment, the first algorithm type indication and the second algorithm type indication may include the same IE, and the two are distinguished by different values of the IE. For example, the first algorithm type indication and the IE indicated by the second algorithm type are both an algorithm type distinguisher er. When the algorithm type distinguishes er=00, an algorithm indicating an encryption type, when the algorithm type distinguishes er=01, an algorithm indicating the integrity type.
在一些可能的情况中,加密算法和完整性算法可能采用相同的标识,此时需要结合算法类型指示来唯一区分各个算法。例如,假设128-EEA1算法和128-EIA1均以1作为算法标识,当SGSN选择的加密算法和完整性算法分别为128-EEA1算法和128-EIA1算法时,通过第一算法类型指示和第二算法类型指示的不同取值可以区分128-EEA1算法和128-EIA1算法,同时可以使计算出来的第二加密密钥和第二完整性密钥的值不相同,以区分第二加密密钥和第二完整性密钥。In some possible cases, the encryption algorithm and the integrity algorithm may adopt the same identifier, and in this case, the algorithm type indication is needed to uniquely distinguish each algorithm. For example, suppose that both the 128-EEA1 algorithm and the 128-EIA1 are identified by an algorithm. When the encryption algorithm and the integrity algorithm selected by the SGSN are the 128-EEA1 algorithm and the 128-EIA1 algorithm, respectively, the first algorithm type indicates and the second The different values indicated by the algorithm type can distinguish the 128-EEA1 algorithm and the 128-EIA1 algorithm, and can make the calculated values of the second encryption key and the second integrity key different to distinguish the second encryption key and Second integrity key.
在一些可行的实施方式中,In some possible implementations,
在一些可行的实施方式中,获得模块1304可以具体用于:In some possible implementations, the obtaining module 1304 can be specifically configured to:
根据所述第一加密密钥和所述第一完整性密钥计算中间密钥;Calculating an intermediate key according to the first encryption key and the first integrity key;
将所述中间密钥的第一预设比特位作为第二加密密钥,将所述中间密钥的第二预设比特位作为第二完整性密钥。The first preset bit of the intermediate key is used as the second encryption key, and the second preset bit of the intermediate key is used as the second integrity key.
作为一种可行的实施方式,获得模块1304可以对第一加密密钥和第一完整性密钥进行运算,然后将运算结果作为密钥推衍函数KDF的输入参数来计算中间密钥。例如,中间密钥可以为Km=KDF(CK||IK),其中CK||IK表示对第一加密密钥CK和第一完整性密钥IK进行连接运算。As a feasible implementation manner, the obtaining module 1304 may perform operations on the first encryption key and the first integrity key, and then use the operation result as an input parameter of the key derivation function KDF to calculate the intermediate key. For example, the intermediate key may be Km=KDF(CK||IK), where CK||IK represents a join operation on the first encryption key CK and the first integrity key IK.
作为另一种可行的实施方式,获得模块1304可以直接将现有的GPRS加密密钥Kc(64位)作为中间密钥,或直接将现有的Kc128(128位)作为中间密钥。其中Kc和Kc128都是根据CK和IK计算生成的。As another possible implementation manner, the obtaining module 1304 may directly use the existing GPRS encryption key Kc (64 bits) as an intermediate key, or directly use the existing Kc128 (128 bits) as an intermediate key. Kc and Kc128 are generated based on CK and IK calculations.
作为一种可行的实施方式,获得模块1304可以将所述中间密钥的第一预设比特位作为第二加密密钥。例如,若GPRS系统需要64位的第二加密密钥,则可以直接将所述中间密钥的最高64位作为第二加密密钥;若GPRS系统需要128位的第二加密密钥,则可以直接将所述中间密钥的最高128位作为第二加密密钥。在其他可选的实施方式中,也可以从所述中间密钥中任意选取所需位数的比特位作为第二加密密钥,本申请对此不做限定。 As a possible implementation manner, the obtaining module 1304 may use the first preset bit of the intermediate key as the second encryption key. For example, if the GPRS system requires a 64-bit second encryption key, the highest 64 bits of the intermediate key can be directly used as the second encryption key; if the GPRS system requires a 128-bit second encryption key, then The highest 128 bits of the intermediate key are directly used as the second encryption key. In other optional implementations, the bit of the required number of bits may be arbitrarily selected from the intermediate key as the second encryption key, which is not limited in this application.
作为一种可行的实施方式,获得模块1304可以将所述中间密钥的第二预设比特位作为第二完整性密钥。例如,若GPRS系统需要64位的第二完整性密钥,则可以直接将所述中间密钥的最低64位作为第二完整性密钥;若GPRS系统需要128位的第二完整性密钥,则可以直接将所述中间密钥的最低128位作为第二完整性密钥。在其他可选的实施方式中,也可以从所述中间密钥中任意选取所需位数的比特位作为第二完整性密钥,本申请对此不做限定。As a possible implementation manner, the obtaining module 1304 may use the second preset bit of the intermediate key as the second integrity key. For example, if the GPRS system requires a 64-bit second integrity key, the lowest 64 bits of the intermediate key can be directly used as the second integrity key; if the GPRS system requires a 128-bit second integrity key Then, the lowest 128 bits of the intermediate key can be directly used as the second integrity key. In other optional implementations, the bit of the required number of bits may be arbitrarily selected from the intermediate key as the second integrity key, which is not limited in this application.
在一些可行的实施方式中,获得模块1304可以具体用于:In some possible implementations, the obtaining module 1304 can be specifically configured to:
将所述第一加密密钥或者所述第一加密密钥的预设比特位作为所述第二加密密钥;将所述第一完整性密钥或者所述第一完整性密钥的预设比特位作为所述第二完整性密钥。Using the first encryption key or a preset bit of the first encryption key as the second encryption key; pre-predetermining the first integrity key or the first integrity key A bit is set as the second integrity key.
在一些可行的实施方式中,第一加密密钥为128位密钥,GPRS系统所需的第二加密密钥也为128位密钥,则可以直接将第一加密密钥作为第二加密密钥;若GPRS系统所需的第二加密密钥为64位密钥,则可从第一加密密钥中选取64个预设比特位作为第二加密密钥,例如选取最高64位作为第二加密密钥。In some possible implementations, the first encryption key is a 128-bit key, and the second encryption key required by the GPRS system is also a 128-bit key, and the first encryption key can be directly used as the second encryption key. Key; if the second encryption key required by the GPRS system is a 64-bit key, 64 preset bits may be selected from the first encryption key as the second encryption key, for example, selecting the highest 64 bits as the second key Encryption key.
在一些可行的实施方式中,第一完整性密钥为128位密钥,GPRS系统所需的第二完整性密钥也为128位密钥,则可以直接将第一完整性密钥作为第二完整性密钥;若GPRS系统所需的第二完整性密钥为64位密钥,则可从第一完整性密钥中选取64个预设比特位作为第二完整性密钥,例如选取最高64位作为第二完整性密钥。In some possible implementations, the first integrity key is a 128-bit key, and the second integrity key required by the GPRS system is also a 128-bit key, and the first integrity key can be directly used as the first a second integrity key; if the second integrity key required by the GPRS system is a 64-bit key, 64 preset bits may be selected from the first integrity key as the second integrity key, for example The highest 64 bits are selected as the second integrity key.
本申请实施例中,SGSN接收UE发送的请求消息,在确定UE为第一类型UE后,选择一种加密算法和一种完整性算法,从HLR/HSS获取认证向量,根据认证向量中包含的第一加密密钥和第一完整性密钥,获得增强的第二加密密钥和第二完整性密钥,并将所选择的加密算法和完整性算法发送给UE,使UE计算第二加密密钥和第二完整性密钥,通过第二加密密钥和第二完整性密钥对SGSN和UE之间的通信消息进行加密保护和完整性保护,增强第一类型UE在GPRS网络中通信的安全性。In the embodiment of the present application, the SGSN receives the request message sent by the UE, and after determining that the UE is the first type of UE, selects an encryption algorithm and an integrity algorithm, and obtains an authentication vector from the HLR/HSS, according to the authentication vector. Obtaining the second encryption key and the first integrity key, obtaining the enhanced second encryption key and the second integrity key, and transmitting the selected encryption algorithm and integrity algorithm to the UE, so that the UE calculates the second encryption The key and the second integrity key perform encryption protection and integrity protection on the communication message between the SGSN and the UE through the second encryption key and the second integrity key, and enhance communication of the first type UE in the GPRS network Security.
请参阅图16,图16是本申请提供的SGSN设备的另一实施例的结构示意图。如图16所示,该SGSN设备可包括接收装置1601、发送装置1602、和处 理器1603,上述接收装置1601、发送装置1602和处理器1603通过总线相连,其中:Please refer to FIG. 16. FIG. 16 is a schematic structural diagram of another embodiment of an SGSN device provided by the present application. As shown in FIG. 16, the SGSN device may include a receiving device 1601, a transmitting device 1602, and a The processor 1603, the receiving device 1601, the transmitting device 1602 and the processor 1603 are connected by a bus, wherein:
所述接收装置1601,用于接收UE发送的请求消息;The receiving device 1601 is configured to receive a request message sent by the UE.
所述处理器1603,用于:The processor 1603 is configured to:
从HLR/HSS获取认证向量,所述认证向量包含第一加密密钥和第一完整性密钥;Acquiring an authentication vector from the HLR/HSS, the authentication vector including a first encryption key and a first integrity key;
若所述SGSN确定所述UE为第一类型UE,则为所述UE选择一种加密算法和一种完整性算法;And if the SGSN determines that the UE is a first type of UE, selecting an encryption algorithm and an integrity algorithm for the UE;
根据所述第一加密密钥和所述第一完整性密钥,获得第二加密密钥和第二完整性密钥;Obtaining a second encryption key and a second integrity key according to the first encryption key and the first integrity key;
所述发送装置1602,用于将所选择的加密算法和完整性算法发送给所述UE;The sending device 1602 is configured to send the selected encryption algorithm and integrity algorithm to the UE;
其中,所述第二加密密钥和所选择的加密算法用于对所述SGSN和所述UE之间传输的消息进行机密性保护,所述第二完整性密钥和所选择的完整性算法用于对所述SGSN和所述UE之间传输的消息进行完整性保护。The second encryption key and the selected encryption algorithm are used to perform confidentiality protection on a message transmitted between the SGSN and the UE, the second integrity key and the selected integrity algorithm. And used for integrity protection of messages transmitted between the SGSN and the UE.
在一些可行的实施方式中,所述请求消息中包含所述UE的标识;In some possible implementations, the request message includes an identifier of the UE;
所述发送装置1602,还用于将所述UE的标识发送给所述HLR/HSS,以使所述HLR/HSS根据所述UE的标识确定所述UE为第一类型UE,并向所述SGSN发送UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE;The sending device 1602 is further configured to send the identifier of the UE to the HLR/HSS, so that the HLR/HSS determines that the UE is a first type UE according to the identifier of the UE, and the The SGSN sends the UE type indication information, where the UE type indication information is used to indicate that the UE is a first type UE;
所述处理器1603判断所述UE是否为第一类型UE,包括:所述处理器接收所述HLR/HSS发送的UE类型指示信息,确定所述UE为第一类型UE。The processor 1603 determines whether the UE is a first type of UE, and the method includes: the processor receiving the UE type indication information sent by the HLR/HSS, and determining that the UE is a first type of UE.
在一些可行的实施方式中,所述处理器1603确定述UE为第一类型UE,包括:In some possible implementations, the processor 1603 determines that the UE is a first type of UE, including:
若所述请求消息包含UE类型指示信息,所述处理器1603确定所述UE为第一类型UE。If the request message includes UE type indication information, the processor 1603 determines that the UE is a first type of UE.
在一些可行的实施方式中,所述处理器1603根据所述第一加密密钥和所述第一完整性密钥,获得第二加密密钥和第二完整性密钥,包括:In some possible implementations, the processor 1603 obtains the second encryption key and the second integrity key according to the first encryption key and the first integrity key, including:
所述处理器1603根据所述第一加密密钥和所述第一完整性密钥,计算中 间密钥;The processor 1603 calculates, according to the first encryption key and the first integrity key, Inter-key
所述处理器1603根据所述中间密钥和加密特征字符串,计算第二加密密钥;The processor 1603 calculates a second encryption key according to the intermediate key and the encryption feature string;
所述处理器1603根据所述中间密钥和完整性特征字符串,计算第二完整性密钥。The processor 1603 calculates a second integrity key according to the intermediate key and the integrity feature string.
在一些可行的实施方式中,所述处理器1603根据所述第一加密密钥和所述第一完整性密钥,获得第二加密密钥和第二完整性密钥,包括:In some possible implementations, the processor 1603 obtains the second encryption key and the second integrity key according to the first encryption key and the first integrity key, including:
所述处理器根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述处理器将所述中间密钥的第一预设比特位作为所述第二加密密钥,将所述中间密钥的第二预设比特位作为所述第二完整性密钥;或者,The processor calculates an intermediate key according to the first encryption key and the first integrity key; the processor uses a first preset bit of the intermediate key as the second encryption a key, the second preset bit of the intermediate key is used as the second integrity key; or
所述处理器根据所述认证向量中的第一加密密钥、第一算法类型指示和所选择的加密算法的标识,计算所述第二加密密钥;所述处理器根据所述认证向量中的第一完整性密钥、第二算法类型指示和所选择的完整性算法的标识计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同;或者,The processor calculates the second encryption key according to the first encryption key, the first algorithm type indication, and the identifier of the selected encryption algorithm in the authentication vector; the processor is according to the authentication vector Calculating the second integrity key by the first integrity key, the second algorithm type indication, and the identifier of the selected integrity algorithm, wherein the first algorithm type indication and the second algorithm type indication are taken Values are not the same; or,
所述处理器将所述第一加密密钥或者所述第一加密密钥的预设比特位作为所述第二加密密钥;所述处理器将所述第一完整性密钥或者所述第一完整性密钥的预设比特位作为所述第二完整性密钥。The processor uses the first encryption key or a preset bit of the first encryption key as the second encryption key; the processor sets the first integrity key or the The preset bit of the first integrity key is used as the second integrity key.
在一些可行的实施方式中,所述认证向量为认证向量五元组;In some possible implementations, the authentication vector is an authentication vector quintuple;
所述第一加密密钥为所述认证向量五元组中的的加密密钥CK,所述第一完整性密钥为所述认证向量五元组中的完整性密钥IK。The first encryption key is an encryption key CK in the authentication vector quintuple, and the first integrity key is an integrity key IK in the authentication vector quintuple.
在一些可行的实施方式中,所述中间密钥为64位GPRS加密密钥Kc或128位加密密钥Kc128。In some possible implementations, the intermediate key is a 64-bit GPRS encryption key Kc or a 128-bit encryption key Kc128.
本申请实施例中,SGSN接收UE发送的请求消息,在确定UE为第一类型UE后,选择一种加密算法和一种完整性算法,从HLR/HSS获取认证向量,根据认证向量中包含的第一加密密钥和第一完整性密钥,获得增强的第二加密密钥和第二完整性密钥,并将所选择的加密算法和完整性算法发送给UE,使UE在计算第二加密密钥和第二完整性密钥之后,SGSN和UE双方可通过第二加密密钥和第二完整性密钥、SGSN选择的加密算法和完整性算法来对 SGSN和UE之间的通信消息进行加密保护和完整性保护,增强第一类型UE在GPRS网络中通信的安全性。In the embodiment of the present application, the SGSN receives the request message sent by the UE, and after determining that the UE is the first type of UE, selects an encryption algorithm and an integrity algorithm, and obtains an authentication vector from the HLR/HSS, according to the authentication vector. Obtaining the second encryption key and the second integrity key, obtaining the enhanced second encryption key and the second integrity key, and transmitting the selected encryption algorithm and integrity algorithm to the UE, so that the UE is calculating the second After the encryption key and the second integrity key, both the SGSN and the UE can use the second encryption key and the second integrity key, the encryption algorithm selected by the SGSN, and the integrity algorithm. The communication message between the SGSN and the UE performs encryption protection and integrity protection, and enhances the security of communication of the first type UE in the GPRS network.
请参阅图17,图17是本申请提供的UE的一实施例的结构示意图。如图17所示,该UE可包括发送模块1701、接收模块1702和获取模块1703,其中:Referring to FIG. 17, FIG. 17 is a schematic structural diagram of an embodiment of a UE provided by the present application. As shown in FIG. 17, the UE may include a sending module 1701, a receiving module 1702, and an obtaining module 1703, where:
发送模块1701,用于向SGSN发送请求消息。The sending module 1701 is configured to send a request message to the SGSN.
具体实施中,发送模块1701发送给SGSN的请求消息可以是附着请求消息、路由更新消息或其他消息,例如服务请求消息。SGSN接收UE发送的请求消息后,可获取发送该请求消息的UE的标识。若该UE为第一类型UE,请求消息中可能携带UE类型指示信息。In a specific implementation, the request message sent by the sending module 1701 to the SGSN may be an attach request message, a route update message, or other message, such as a service request message. After receiving the request message sent by the UE, the SGSN may obtain the identifier of the UE that sends the request message. If the UE is the first type of UE, the request message may carry the UE type indication information.
本申请实施例中,UE通过USIM卡与网络通信,UE的标识可以是USIM卡的IMSI(International Mobile Subscriber Identification Number,国际移动用户识别码)。第一类型UE指的是具备信息传感功能和消息传输功能的用户设备,例如导览机、个人数字助理、条码采集器、数据采集终端和主要用于消费或转账的POS机等。机器通信UE指的是具备联网和通信能力,通过传感器、控制器等来实现“智能”属性,从而能与人、移动网络或其他机器进行信息交流的用户设备。In the embodiment of the present application, the UE communicates with the network through the USIM card, and the identifier of the UE may be an IMSI (International Mobile Subscriber Identification Number) of the USIM card. The first type of UE refers to user equipments having information sensing functions and message transmission functions, such as a navigation machine, a personal digital assistant, a barcode collector, a data collection terminal, and a POS machine mainly used for consumption or transfer. Machine communication UE refers to a user equipment that has networking and communication capabilities, and realizes "smart" attributes through sensors, controllers, etc., so that information can be exchanged with people, mobile networks or other machines.
本申请实施例的UE为第一类型UE,在一些可行的实施方式中,发送模块1701向所述SGSN发送的请求消息中可包含UE类型指示信息,以使所述SGSN根据所述UE类型指示信息判定所述UE为第一类型UE。The UE in the embodiment of the present application is a first type of UE. In some possible implementations, the request message sent by the sending module 1701 to the SGSN may include UE type indication information, so that the SGSN indicates according to the UE type. The information determines that the UE is a first type of UE.
可选地,UE类型指示信息可通过特定信息元素(Information Element,IE)的存在性来指示UE为第一类型UE,例如,当SGSN接收到HLR/HSS或者UE发送的UE类型指示信息时,若UE类型指示信息中存在某一特定IE,SGSN则可确定UE为第一类型UE,否则可确定UE不是第一类型UE。或者,UE类型指示信息还可通过特定IE的取值来指示UE为第一类型UE,例如,当SGSN接收到HLR/HSS或者UE发送的UE类型指示信息时,若UE类型指示信息中某一特定IE的取值为1,SGSN可确定UE为第一类型UE,若该特定IE的取值为0,则SGSN可确定UE不是第一类型UE。Optionally, the UE type indication information may indicate that the UE is the first type of UE by using the presence of a specific information element (IE), for example, when the SGSN receives the HLR/HSS or the UE type indication information sent by the UE, If a certain IE exists in the UE type indication information, the SGSN may determine that the UE is the first type of UE, and may determine that the UE is not the first type of UE. Alternatively, the UE type indication information may also indicate that the UE is the first type of UE by using the value of the specific IE. For example, when the SGSN receives the HLR/HSS or the UE type indication information sent by the UE, if the UE type indication information is in the UE type indication information, If the value of the specific IE is 1, the SGSN may determine that the UE is the first type of UE. If the value of the specific IE is 0, the SGSN may determine that the UE is not the first type of UE.
具体实施中,UE和SGSN各自配置了一些加密算法和完整性算法,发送模块1701向SGSN发送请求消息时,将自身支持的加密算法和完整性算法一 并发送给SGSN。In a specific implementation, the UE and the SGSN are respectively configured with some encryption algorithms and integrity algorithms. When the sending module 1701 sends a request message to the SGSN, the encryption algorithm and the integrity algorithm supported by the UE are supported. And sent to the SGSN.
接收模块1702,用于接收所述SGSN发送的加密算法和完整性算法。The receiving module 1702 is configured to receive an encryption algorithm and an integrity algorithm sent by the SGSN.
SGSN接收UE的请求消息之后,若确定上述UE是第一类型UE,SGSN从UE支持的加密算法和完整性算法中选择一种SGSN支持的加密算法以及一种SGSN支持的完整性算法。SGSN将选择的加密算法和完整性算法发送给UE,并根据认证向量中的第一加密密钥和第一完整性密钥,获得第二加密密钥和第二完整性密钥。After the SGSN receives the request message of the UE, if it is determined that the UE is the first type of UE, the SGSN selects an encryption algorithm supported by the SGSN and an integrity algorithm supported by the SGSN from the encryption algorithm and the integrity algorithm supported by the UE. The SGSN sends the selected encryption algorithm and integrity algorithm to the UE, and obtains a second encryption key and a second integrity key according to the first encryption key and the first integrity key in the authentication vector.
具体实施中,SGSN在将选择的加密算法和完整性算法发送给UE的同时,还可以将认证向量中的随机数RAND和认证令牌AUTN发送给UE。UE可以根据认证令牌AUTN对SGSN侧进行认证,以实现UE侧对网络侧的鉴权。UE还可以根据接收到的随机数RAND和认证令牌AUTN,利用f1-f5算法计算出第一加密密钥和第一完整性密钥,UE计算出的第一加密密钥和第一完整性密钥与SGSN从HLR/HSS获取的认证向量中的第一加密密钥和第一完整性密钥相同。SGSN向HLR/HSS获取的认证向量为认证向量五元组,其中包括随机数RAND、期望响应XRES、认证令牌AUTN、加密密钥CK和完整性密钥IK。In a specific implementation, the SGSN may send the selected encryption algorithm and the integrity algorithm to the UE, and may also send the random number RAND and the authentication token AUTN in the authentication vector to the UE. The UE can authenticate the SGSN side according to the authentication token AUTN to implement authentication on the network side by the UE side. The UE may further calculate the first encryption key and the first integrity key by using the f1-f5 algorithm according to the received random number RAND and the authentication token AUTN, and the first encryption key and the first integrity calculated by the UE. The key is the same as the first encryption key and the first integrity key in the authentication vector obtained by the SGSN from the HLR/HSS. The authentication vector acquired by the SGSN to the HLR/HSS is an authentication vector quintuple including a random number RAND, an expected response XRES, an authentication token AUTN, an encryption key CK, and an integrity key IK.
本申请实施例中,第一加密密钥为认证向量五元组中的加密密钥CK,第一完整性密钥为认证向量五元组中的完整性密钥IK。In the embodiment of the present application, the first encryption key is an encryption key CK in the authentication vector quintuple, and the first integrity key is an integrity key IK in the authentication vector quintuple.
在一些可行的实施方式中,SGSN选择的加密算法和完整性算法可用于和认证向量中的第一加密密钥CK、第一完整性密钥IK一起计算第二加密密钥和第二完整性密钥。此外,根据加密算法和生成的第二加密密钥,可以对通信消息进行加密,生成消息密文;根据完整性算法和生成的第二完整性密钥,可以计算得到消息鉴权码MAC,消息鉴权码MAC可用于验证通信消息的完整性。In some possible implementations, the SGSN selected encryption algorithm and integrity algorithm can be used to calculate the second encryption key and the second integrity together with the first encryption key CK, the first integrity key IK in the authentication vector. Key. In addition, according to the encryption algorithm and the generated second encryption key, the communication message may be encrypted to generate a message ciphertext; according to the integrity algorithm and the generated second integrity key, the message authentication code MAC, the message may be calculated. The authentication code MAC can be used to verify the integrity of the communication message.
可选地,当GPRS网络需要128位的第二加密密钥时,SGSN选择的加密算法可以是128-EEA1算法、128-EEA2算法、128-EEA3算法中任意一种;SGSN选择的完整性算法可以是128-EIA1算法、128-EIA2算法、128-EIA3算法中任意一种。其中128-EEA1算法和128-EIA1算法使用SNOW 3G算法作为核心算法;128-EEA2算法和128-EIA2算法使用AES算法作为核心算法;128-EEA3 算法和128-EIA3算法使用ZUC算法(祖冲之算法集)作为核心算法。Optionally, when the GPRS network needs a 128-bit second encryption key, the encryption algorithm selected by the SGSN may be any one of the 128-EEA1 algorithm, the 128-EEA2 algorithm, and the 128-EEA3 algorithm; the integrity algorithm selected by the SGSN. It may be any one of 128-EIA1 algorithm, 128-EIA2 algorithm, and 128-EIA3 algorithm. The 128-EEA1 algorithm and the 128-EIA1 algorithm use the SNOW 3G algorithm as the core algorithm; the 128-EEA2 algorithm and the 128-EIA2 algorithm use the AES algorithm as the core algorithm; 128-EEA3 The algorithm and the 128-EIA3 algorithm use the ZUC algorithm (the ancestral algorithm set) as the core algorithm.
获取模块1703,用于根据第一加密密钥和第一完整性密钥,获取第二加密密钥和第二完整性密钥。The obtaining module 1703 is configured to obtain the second encryption key and the second integrity key according to the first encryption key and the first integrity key.
本申请实施例中,第二加密密钥和第二完整性密钥是在第一加密密钥和第一完整性密钥基础上增强的密钥。第二加密密钥和SGSN发送的加密算法用于对SGSN和所述UE之间传输的消息进行机密性保护,第二完整性密钥和SGSN发送的完整性算法用于对SGSN和所述UE之间传输的消息进行完整性保护。In the embodiment of the present application, the second encryption key and the second integrity key are keys enhanced based on the first encryption key and the first integrity key. The second encryption key and the encryption algorithm sent by the SGSN are used to perform confidentiality protection on the message transmitted between the SGSN and the UE, and the integrity algorithm sent by the second integrity key and the SGSN is used for the SGSN and the UE. The messages transmitted between are integrity protected.
可选地,获取模块1703可以仅根据第一加密密钥和第一完整性密钥来获取第二加密密钥和第二完整性密钥;或者,获取模块1703可以根据第一加密密钥、第一完整性密钥、SGSN发送的加密算法和完整性算法来获取第二加密密钥和第二完整性密钥。Optionally, the obtaining module 1703 may obtain the second encryption key and the second integrity key only according to the first encryption key and the first integrity key; or the obtaining module 1703 may be configured according to the first encryption key, The first integrity key, the encryption algorithm sent by the SGSN, and the integrity algorithm acquire the second encryption key and the second integrity key.
获取第二加密密钥和第二完整性密钥之后,为了对SGSN和UE之间的通信消息进行保护,需要SGSN和UE双方使用约定的密钥(即第二加密密钥和第二完整性密钥)和算法(即SGSN发送的加密算法和完整性算法)对通信消息进行加密。After obtaining the second encryption key and the second integrity key, in order to protect the communication message between the SGSN and the UE, the SGSN and the UE are required to use the agreed key (ie, the second encryption key and the second integrity). The key) and the algorithm (ie, the encryption algorithm and integrity algorithm sent by the SGSN) encrypt the communication message.
本申请实施例中,UE向SGSN发送请求消息,接收SGSN发送的加密算法和完整性算法,根据第一加密密钥和第一完整性密钥计算第二加密密钥和第二完整性密钥。SGSN和UE双方可通过第二加密密钥、第二完整性密钥、SGSN向UE发送的加密算法和完整性算法来对UE和SGSN之间的通信消息进行加密保护和完整性保护,增强第一类型UE在GPRS网络中通信的安全性。In this embodiment, the UE sends a request message to the SGSN, receives an encryption algorithm and an integrity algorithm sent by the SGSN, and calculates a second encryption key and a second integrity key according to the first encryption key and the first integrity key. . Both the SGSN and the UE can perform encryption protection and integrity protection on the communication message between the UE and the SGSN by using the second encryption key, the second integrity key, and the encryption algorithm and the integrity algorithm sent by the SGSN to the UE. The security of communication of a type of UE in a GPRS network.
下面将结合附图18-附图19,对图17所示的获取模块1703的结构和功能进行详细介绍。The structure and function of the acquisition module 1703 shown in FIG. 17 will be described in detail below with reference to FIGS. 18 to 19.
在一些可行的实施方式中,如图18所示,获取模块1703可包括第一计算单元17031、第二计算单元17032和第三计算单元17033,其中:In some possible implementations, as shown in FIG. 18, the obtaining module 1703 may include a first calculating unit 17031, a second calculating unit 17032, and a third calculating unit 17033, where:
第一计算单元17031,用于根据第一加密密钥和第一完整性密钥,计算中间密钥。The first calculating unit 17031 is configured to calculate an intermediate key according to the first encryption key and the first integrity key.
在一些可行的实施方式中,在第一计算单元17031计算中间密钥之前,UE先根据SGSN发送的认证令牌AUTN和随机数RAND计算期望鉴权码XMAC,通过比较期望鉴权码XMAC与认证令牌AUTN中的消息鉴权码MAC 是否相同来对SGSN侧进行认证。对SGSN侧的认证通过之后,UE根据SGSN发送的随机数RAND和认证令牌AUTN计算出第一加密密钥CK和第一完整性密钥IK,并计算随机数响应RES,以及将随机数响应RES发送给SGSN,以供SGSN侧对UE进行认证。In some feasible implementation manners, before the first calculating unit 17031 calculates the intermediate key, the UE first calculates the expected authentication code XMAC according to the authentication token AUTN and the random number RAND sent by the SGSN, by comparing the expected authentication code XMAC and the authentication. Message authentication code MAC in token AUTN Whether it is the same to authenticate the SGSN side. After the authentication of the SGSN side is passed, the UE calculates the first encryption key CK and the first integrity key IK according to the random number RAND and the authentication token AUTN sent by the SGSN, and calculates a random number response RES, and responds with a random number. The RES is sent to the SGSN for the SGSN side to authenticate the UE.
作为一种可行的实施方式,第一计算单元17031可以对第一加密密钥和第一完整性密钥进行运算,然后将运算结果作为密钥推衍函数KDF的输入参数来计算中间密钥。例如,中间密钥可以为Km=KDF(CK||IK),其中CK||IK表示对第一加密密钥CK和第一完整性密钥IK进行连接运算。As a feasible implementation manner, the first calculating unit 17031 may perform operations on the first encryption key and the first integrity key, and then use the operation result as an input parameter of the key derivation function KDF to calculate the intermediate key. For example, the intermediate key may be Km=KDF(CK||IK), where CK||IK represents a join operation on the first encryption key CK and the first integrity key IK.
作为另一种可行的实施方式,所述中间密钥可直接采用现有的64位GPRS加密密钥Kc或现有的128位加密密钥Kc128,即第一计算单元17031可以直接将现有的GPRS加密密钥Kc(64位)作为中间密钥,或直接将现有的Kc128(128位)作为中间密钥。其中Kc和Kc128都是根据CK和IK计算生成的。As another feasible implementation manner, the intermediate key may directly adopt an existing 64-bit GPRS encryption key Kc or an existing 128-bit encryption key Kc128, that is, the first computing unit 17031 may directly use the existing The GPRS encryption key Kc (64 bits) is used as an intermediate key, or the existing Kc128 (128 bits) is directly used as an intermediate key. Kc and Kc128 are generated based on CK and IK calculations.
第二计算单元17032,用于根据所述中间密钥和加密特征字符串计算第二加密密钥。The second calculating unit 17032 is configured to calculate a second encryption key according to the intermediate key and the encrypted feature string.
具体实施中,可以将中间密钥和加密特征字符串ciphering作为密钥推衍函数KDF的输入参数来计算第二加密密钥。例如:第二加密密钥可以通过Kcipher=KDF(Km,“ciphering”)计算得到。“ciphering”是加密特征字符串,可以通过编码产生。In a specific implementation, the intermediate key and the encrypted feature string ciphering may be used as input parameters of the key derivation function KDF to calculate the second encryption key. For example, the second encryption key can be calculated by K cipher =KDF(Km, "ciphering"). "ciphering" is an encrypted feature string that can be generated by encoding.
在一些可行的实施方式中,GPRS系统需要128位的第二加密密钥,可以从计算出的中间密钥Km中截取预设的128位(例如最高的128位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二加密密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的128位(例如最高的128位)作为第二加密密钥;或者,可以将中间密钥Kc128作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二加密密钥。In some feasible implementation manners, the GPRS system needs a 128-bit second encryption key, and a preset 128-bit (for example, the highest 128 bits) can be intercepted from the calculated intermediate key Km as a key derivation function KDF. One of the input parameters, the output of the KDF is used as the second encryption key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and the preset is intercepted in the output of the KDF 128 bits (for example, the highest 128 bits) are used as the second encryption key; alternatively, the intermediate key Kc128 can be used as one of the input parameters of the key derivation function KDF, and the output of the key derivation function KDF is used as the second Encryption key.
在一些可行的实施方式中,GPRS系统需要64位的第二加密密钥,可以从计算出的中间密钥Km中截取预设的64位(例如最高的64位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二加密密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在 KDF的输出中截取预设的64位(例如最高的64位)作为第二加密密钥;或者,可以将中间密钥Kc(64位)作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二加密密钥。In some feasible implementations, the GPRS system requires a 64-bit second encryption key, and a preset 64-bit (for example, the highest 64-bit) can be intercepted from the calculated intermediate key Km as a key derivation function KDF. One of the input parameters, the output of the KDF is used as the second encryption key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, The preset 64-bit (for example, the highest 64 bits) is intercepted in the output of the KDF as the second encryption key; or, the intermediate key Kc (64 bits) may be used as one of the input parameters of the key derivation function KDF, The output of the key derivation function KDF is used as the second encryption key.
第三计算单元17033,用于根据所述中间密钥和完整性特征字符串计算第二完整性密钥。The third calculating unit 17033 is configured to calculate a second integrity key according to the intermediate key and the integrity feature string.
具体实施中,可以将中间密钥和完整性特征字符串integrity作为密钥推衍函数KDF的输入参数来计算第二完整性密钥。例如:第二完整性密钥可以通过Kintegrity=KDF(Km,“integrity”)计算得到。“integrity”是完整性特征字符串,可以通过编码产生。In a specific implementation, the intermediate key and the integrity feature string integrity may be used as an input parameter of the key derivation function KDF to calculate the second integrity key. For example, the second integrity key can be calculated by K integrity = KDF(Km, "integrity"). "integrity" is an integrity feature string that can be generated by encoding.
在一些可行的实施方式中,GPRS系统需要128位的第二完整性密钥,可以从计算出的中间密钥Km中截取预设的128位(例如最高的128位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二完整性密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的128位(例如最高的128位)作为第二完整性密钥;或者,可以将中间密钥Kc128作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二完整性密钥。In some feasible implementation manners, the GPRS system needs a 128-bit second integrity key, and a preset 128-bit (for example, the highest 128 bits) can be intercepted from the calculated intermediate key Km as a key derivation function. One of the input parameters of the KDF, the output of the KDF is used as the second integrity key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and intercepted in the output of the KDF The preset 128 bits (for example, the highest 128 bits) is used as the second integrity key; or, the intermediate key Kc128 may be used as one of the input parameters of the key derivation function KDF, and the output of the key derivation function KDF is output. As the second integrity key.
在一些可行的实施方式中,GPRS系统需要64位的第二完整性密钥,可以从计算出的中间密钥Km中截取预设的64位(例如最高的64位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二完整性密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的64位(例如最高的64位)作为第二完整性密钥;或者,可以将中间密钥Kc(64位)作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二完整性密钥。In some possible implementations, the GPRS system requires a 64-bit second integrity key, and a preset 64-bit (eg, the highest 64-bit) can be intercepted from the calculated intermediate key Km as a key derivation function. One of the input parameters of the KDF, the output of the KDF is used as the second integrity key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and intercepted in the output of the KDF The preset 64 bits (for example, the highest 64 bits) is used as the second integrity key; or, the intermediate key Kc (64 bits) can be used as one of the input parameters of the key derivation function KDF, and the key is deduced The output of the function KDF acts as the second integrity key.
本申请实施例中,加密特征字符串ciphering和完整性特征字符串integrity用于使计算出来的第二加密密钥和第二完整性密钥不同以便于区分,因此完整性特征字符串integrity可以是任意与加密特征字符串ciphering不一致的字符串。In the embodiment of the present application, the encryption feature string ciphering and the integrity feature string integrity are used to make the calculated second encryption key and the second integrity key different to facilitate differentiation, so the integrity feature string integrity may be Any string that is inconsistent with the ciphering of the encrypted feature string.
在一些可行的实施方式中,如图18所示,获取模块1703可包括第一计算单元17031、第二计算单元17032和第三计算单元17033,其中: In some possible implementations, as shown in FIG. 18, the obtaining module 1703 may include a first calculating unit 17031, a second calculating unit 17032, and a third calculating unit 17033, where:
第一计算单元17031,用于根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥。The first calculating unit 17031 is configured to calculate an intermediate key according to the first encryption key and the first integrity key.
作为一种可行的实施方式,第一计算单元1041可以对第一加密密钥和第一完整性密钥进行运算,然后将运算结果作为密钥推衍函数KDF的输入参数来计算中间密钥。例如,中间密钥可以为Km=KDF(CK||IK),其中CK||IK表示对第一加密密钥CK和第一完整性密钥IK进行连接运算。As a feasible implementation manner, the first calculating unit 1041 may perform operations on the first encryption key and the first integrity key, and then use the operation result as an input parameter of the key derivation function KDF to calculate the intermediate key. For example, the intermediate key may be Km=KDF(CK||IK), where CK||IK represents a join operation on the first encryption key CK and the first integrity key IK.
作为另一种可行的实施方式,第一计算单元1041可以直接将现有的GPRS加密密钥Kc(64位)作为中间密钥,或直接将现有的Kc128(128位)作为中间密钥。其中Kc和Kc128都是根据CK和IK计算生成的。As another feasible implementation manner, the first calculating unit 1041 may directly use the existing GPRS encryption key Kc (64 bits) as an intermediate key, or directly use the existing Kc128 (128 bits) as an intermediate key. Kc and Kc128 are generated based on CK and IK calculations.
第二计算单元17032,用于根据所述中间密钥、第一算法类型指示和所述加密算法的标识,计算所述第二加密密钥。The second calculating unit 17032 is configured to calculate the second encryption key according to the intermediate key, the first algorithm type indication, and the identifier of the encryption algorithm.
具体实施中,第二计算单元1042可以将中间密钥、第一算法类型指示和所述加密算法的标识作为密钥推衍函数KDF的输入参数来计算第二加密密钥。例如:第二加密密钥Kcipher可以通过Kcipher=KDF(Km,algorithm type distinguisher1,ciphering algorithm id)计算得到,其中Km为中间密钥,algorithm type distinguisher1为第一算法类型指示,ciphering algorithm id为SGSN所选择的加密算法的标识。In a specific implementation, the second calculating unit 1042 may calculate the second encryption key by using the intermediate key, the first algorithm type indication, and the identifier of the encryption algorithm as input parameters of the key derivation function KDF. For example, the second encryption key K cipher can be calculated by K cipher = KDF (Km, algorithm type distinguished er1, ciphering algorithm id), where Km is an intermediate key, the algorithm type distinguish er1 is the first algorithm type indication, and the ciphering algorithm id is The identifier of the encryption algorithm selected by the SGSN.
在一些可行的实施方式中,GPRS系统需要128位的第二加密密钥,可以从计算出的中间密钥Km中截取预设的128位(例如最高的128位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二加密密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的128位(例如最高的128位)作为第二加密密钥;或者,将中间密钥Kc128作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二加密密钥。In some feasible implementation manners, the GPRS system needs a 128-bit second encryption key, and a preset 128-bit (for example, the highest 128 bits) can be intercepted from the calculated intermediate key Km as a key derivation function KDF. One of the input parameters, the output of the KDF is used as the second encryption key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and the preset is intercepted in the output of the KDF 128 bits (for example, the highest 128 bits) as the second encryption key; or, the intermediate key Kc128 is used as one of the input parameters of the key derivation function KDF, and the output of the key derivation function KDF is used as the second encryption Key.
在一些可行的实施方式中,GPRS系统需要64位的第二加密密钥,可以从计算出的中间密钥Km中截取预设的64位(例如最高的64位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二加密密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的64位(例如最高的64位)作为第二加密密钥;或 者,可以将中间密钥Kc(64位)作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二加密密钥。In some feasible implementation manners, the GPRS system requires a 64-bit second encryption key, and a preset 64-bit (for example, the highest 64-bit) can be intercepted from the calculated intermediate key Km as a key derivation function KDF. One of the input parameters, the output of the KDF is used as the second encryption key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and the preset is intercepted in the output of the KDF 64 bits (eg, the highest 64 bits) as the second encryption key; or The intermediate key Kc (64 bits) may be used as one of the input parameters of the key derivation function KDF, and the output of the key derivation function KDF may be used as the second encryption key.
第三计算单元17033,用于根据所述中间密钥、第二算法类型指示和所述完整性算法的标识,计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同。The third calculating unit 17033 is configured to calculate the second integrity key according to the intermediate key, the second algorithm type indication, and the identifier of the integrity algorithm, where the first algorithm type indication and the The value indicated by the second algorithm type is different.
具体实施中,第三计算单元17033可以将中间密钥、第二算法类型指示和所述完整性算法的标识作为密钥推衍函数KDF的输入参数来计算第二完整性密钥。例如:第二完整性密钥Kcipher可以通过Kintegrity=KDF(Km,algorithm type distinguisher2,integrity algorithm id)计算得到,其中Km为中间密钥,algorithm type distinguisher2为第二算法类型指示,integrity algorithm id为SGSN所选择的完整性算法的标识。In a specific implementation, the third calculating unit 17033 may calculate the second integrity key by using the intermediate key, the second algorithm type indication, and the identifier of the integrity algorithm as input parameters of the key derivation function KDF. For example, the second integrity key K cipher can be calculated by K integrity = KDF (Km, algorithm type distinguished er2, integrity algorithm id), where Km is the intermediate key, the algorithm type distinguish er2 is the second algorithm type indication, and the integrity algorithm id The identity of the integrity algorithm selected for the SGSN.
在一些可行的实施方式中,GPRS系统需要128位的第二完整性密钥,可以从计算出的中间密钥Km中截取预设的128位(例如最高的128位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二完整性密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的128位(例如最高的128位)作为第二完整性密钥;或者,可以将中间密钥Kc128作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二完整性密钥。In some feasible implementation manners, the GPRS system needs a 128-bit second integrity key, and a preset 128-bit (for example, the highest 128 bits) can be intercepted from the calculated intermediate key Km as a key derivation function. One of the input parameters of the KDF, the output of the KDF is used as the second integrity key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and intercepted in the output of the KDF The preset 128 bits (for example, the highest 128 bits) is used as the second integrity key; or, the intermediate key Kc128 may be used as one of the input parameters of the key derivation function KDF, and the output of the key derivation function KDF is output. As the second integrity key.
在一些可行的实施方式中,GPRS系统需要64位的第二完整性密钥,可以从计算出的中间密钥Km中截取预设的64位(例如最高的64位)作为密钥推衍函数KDF的输入参数之一,将KDF的输出作为第二完整性密钥;或者,可以直接将计算出的中间密钥Km作为密钥推衍函数KDF的输入参数之一,在KDF的输出中截取预设的64位(例如最高的64位)作为第二完整性密钥;或者,可以将中间密钥Kc(64位)作为密钥推衍函数KDF的输入参数之一,将密钥推衍函数KDF的输出作为第二完整性密钥。In some possible implementations, the GPRS system requires a 64-bit second integrity key, and a preset 64-bit (eg, the highest 64-bit) can be intercepted from the calculated intermediate key Km as a key derivation function. One of the input parameters of the KDF, the output of the KDF is used as the second integrity key; or, the calculated intermediate key Km can be directly used as one of the input parameters of the key derivation function KDF, and intercepted in the output of the KDF The preset 64 bits (for example, the highest 64 bits) is used as the second integrity key; or, the intermediate key Kc (64 bits) can be used as one of the input parameters of the key derivation function KDF, and the key is deduced The output of the function KDF acts as the second integrity key.
本申请实施例中,第一算法类型指示用于指示当前参与运算的算法为加密类型的算法,第二算法类型指示用于指示当前参与运算的算法为完整性类型的算法。在一些可行的实施例中,第一算法类型指示和第二算法类型指示可包含相同的IE,两者通过IE的取值不同来区分。例如,第一算法类型指示和第二 算法类型指示的IE均为algorithm type distinguisher,当algorithm type distinguisher=00时,指示加密类型的算法,当algorithm type distinguisher=01时,指示完整性类型的算法。In the embodiment of the present application, the first algorithm type indicates an algorithm for indicating that the algorithm currently participating in the operation is an encryption type, and the second algorithm type indicates an algorithm for indicating that the algorithm currently participating in the operation is an integrity type. In some feasible embodiments, the first algorithm type indication and the second algorithm type indication may include the same IE, and the two are distinguished by different values of the IE. For example, the first algorithm type indication and the second The IE indicated by the algorithm type is an algorithm type distinguisher er. When the algorithm type distinguishes er=00, the algorithm indicating the encryption type is an algorithm indicating the integrity type when the algorithm type distinguishes er=01.
在一些可能的情况中,加密算法和完整性算法可能采用相同的标识,此时需要结合算法类型指示来唯一区分各个算法。例如,假设128-EEA1算法和128-EIA1均以1作为算法标识,当SGSN选择的加密算法和完整性算法分别为128-EEA1算法和128-EIA1算法时,通过第一算法类型指示和第二算法类型指示中IE的不同取值可以区分128-EEA1算法和128-EIA1算法,同时可以使计算出来的第二加密密钥和第二完整性密钥的值不相同,以区分第二加密密钥和第二完整性密钥。In some possible cases, the encryption algorithm and the integrity algorithm may adopt the same identifier, and in this case, the algorithm type indication is needed to uniquely distinguish each algorithm. For example, suppose that both the 128-EEA1 algorithm and the 128-EIA1 are identified by an algorithm. When the encryption algorithm and the integrity algorithm selected by the SGSN are the 128-EEA1 algorithm and the 128-EIA1 algorithm, respectively, the first algorithm type indicates and the second Different values of the IE in the algorithm type indication may distinguish the 128-EEA1 algorithm and the 128-EIA1 algorithm, and may cause the calculated values of the second encryption key and the second integrity key to be different to distinguish the second encryption key. Key and second integrity key.
在一些可行的实施方式中,如图19所示,获取模块1703可包括第四计算单元17034和第五计算单元17035,其中:In some possible implementations, as shown in FIG. 19, the obtaining module 1703 may include a fourth calculating unit 17034 and a fifth calculating unit 17035, where:
第四计算单元17034,用于根据第一加密密钥、第一算法类型指示和所述加密算法的标识计算第二加密密钥。The fourth calculating unit 17034 is configured to calculate a second encryption key according to the first encryption key, the first algorithm type indication, and the identifier of the encryption algorithm.
在一些可行的实施方式中,在第四计算单元17034计算第二加密密钥和第五计算单元17035计算第二完整性密钥之前,UE先根据SGSN发送的认证令牌AUTN和随机数RAND计算期望鉴权码XMAC,通过比较期望鉴权码XMAC与认证令牌AUTN中的消息鉴权码MAC是否相同来对SGSN侧进行认证。对SGSN侧的认证通过之后,UE根据SGSN发送的随机数RAND和认证令牌AUTN计算出第一加密密钥CK和第一完整性密钥IK,并计算随机数响应RES,以及将随机数响应RES发送给SGSN,以供SGSN侧对UE进行认证。In some feasible implementation manners, before the fourth calculating unit 17034 calculates the second encryption key and the fifth calculating unit 17035 calculates the second integrity key, the UE first calculates according to the authentication token AUTN and the random number RAND sent by the SGSN. The authentication code XMAC is expected to authenticate the SGSN side by comparing whether the expected authentication code XMAC is the same as the message authentication code MAC in the authentication token AUTN. After the authentication of the SGSN side is passed, the UE calculates the first encryption key CK and the first integrity key IK according to the random number RAND and the authentication token AUTN sent by the SGSN, and calculates a random number response RES, and responds with a random number. The RES is sent to the SGSN for the SGSN side to authenticate the UE.
具体地,第四计算单元17034可以将第一加密密钥、第一算法类型指示和所选择的加密算法的标识作为密钥推衍函数KDF的输入参数来计算第二加密密钥,例如:Kcipher=KDF(CK,algorithm type distinguisher1,ciphering algorithm id),其中CK为第一加密密钥,algorithm type distinguisher1为第一算法类型指示,ciphering algorithm id为SGSN所选择的的加密算法的标识。Specifically, the fourth calculating unit 17034 may calculate the second encryption key by using the first encryption key, the first algorithm type indication, and the identifier of the selected encryption algorithm as input parameters of the key derivation function KDF, for example: K The cipher is the first encryption type, and the ciphering algorithm id is the identifier of the encryption algorithm selected by the SGSN. The cipher is the first encryption type.
可选地,若GPRS系统需要64位的第二加密密钥,可以从计算出的Kcipher中取最高64位作为第二加密密钥;若GPRS系统需要128位的第二加密密钥, 可以从计算出的Kcipher中取最高128位作为第二加密密钥。在其他可行的实施方式中,也可以从计算出的Kcipher中任意选出所需位数作为第二加密密钥,本申请对此不做限定。Optionally, if the GPRS system requires a 64-bit second encryption key, the highest 64 bits may be taken from the calculated K cipher as the second encryption key; if the GPRS system requires a 128-bit second encryption key, The highest 128 bits are taken from the calculated K cipher as the second encryption key. In other possible implementations, the required number of bits can be arbitrarily selected as the second encryption key from the calculated K cipher , which is not limited in this application.
第五计算单元17035,用于根据第一完整性密钥、第二算法类型指示和所述完整性算法的标识计算第二完整性密钥。The fifth calculating unit 17035 is configured to calculate a second integrity key according to the first integrity key, the second algorithm type indication, and the identifier of the integrity algorithm.
具体地,第五计算单元17035可以将第一完整性密钥、第二算法类型指示和所选择的完整性算法的标识作为密钥推衍函数KDF的输入参数来计算第二完整性密钥,例如:Kintegrity=KDF(IK,algorithm type distinguisher2,integrity algorithm id),其中IK为第一完整性密钥,algorithm type distinguisher2为第二算法类型指示,integrity algorithm id为SGSN所选择的的完整性算法的标识。Specifically, the fifth calculating unit 17035 may calculate the second integrity key by using the first integrity key, the second algorithm type indication, and the identifier of the selected integrity algorithm as input parameters of the key derivation function KDF, For example: K integrity = KDF (IK, algorithm type distinguisher er2, integrity algorithm id), where IK is the first integrity key, algorithm type distinguish er2 is the second algorithm type indication, and integrity algorithm id is the integrity algorithm selected by the SGSN. Logo.
可选地,若GPRS系统需要64位的第二完整性密钥,可以从计算出的Kintegrity中取最高64位作为第二完整性密钥;若GPRS系统需要128位的第二完整性密钥,可以从计算出的Kintegrity中取最高128位作为第二完整性密钥。Optionally, if the GPRS system requires a 64-bit second integrity key, a maximum of 64 bits may be taken from the calculated K integrity as a second integrity key; if the GPRS system requires a 128-bit second integrity key The key can take the highest 128 bits from the calculated K integrity as the second integrity key.
本申请实施例中,第一算法类型指示用于指示当前参与运算的算法为加密类型的算法,第二算法类型指示用于指示当前参与运算的算法为完整性类型的算法,第一算法类型指示和第二算法类型指示的取值不相同。在一些可行的实施例中,第一算法类型指示和第二算法类型指示可包含相同的IE,两者通过IE的取值不同来区分。例如,第一算法类型指示和第二算法类型指示的IE均为algorithm type distinguisher,当algorithm type distinguisher=00时,指示加密类型的算法,当algorithm type distinguisher=01时,指示完整性类型的算法。In the embodiment of the present application, the first algorithm type indication is used to indicate that the algorithm currently participating in the operation is an encryption type algorithm, and the second algorithm type indication is used to indicate that the algorithm currently participating in the operation is an integrity type algorithm, and the first algorithm type indication The value indicated by the second algorithm type is different. In some feasible embodiments, the first algorithm type indication and the second algorithm type indication may include the same IE, and the two are distinguished by different values of the IE. For example, the first algorithm type indication and the IE indicated by the second algorithm type are both an algorithm type distinguisher er. When the algorithm type distinguishes er=00, an algorithm indicating an encryption type, when the algorithm type distinguishes er=01, an algorithm indicating the integrity type.
在一些可能的情况中,加密算法和完整性算法可能采用相同的标识,此时需要结合算法类型指示来唯一区分各个算法。例如,假设128-EEA1算法和128-EIA1均以1作为算法标识,当SGSN选择的加密算法和完整性算法分别为128-EEA1算法和128-EIA1算法时,通过第一算法类型指示和第二算法类型指示的不同取值可以区分128-EEA1算法和128-EIA1算法,同时可以使计算出来的第二加密密钥和第二完整性密钥的值不相同,以区分第二加密密钥和第二完整性密钥。In some possible cases, the encryption algorithm and the integrity algorithm may adopt the same identifier, and in this case, the algorithm type indication is needed to uniquely distinguish each algorithm. For example, suppose that both the 128-EEA1 algorithm and the 128-EIA1 are identified by an algorithm. When the encryption algorithm and the integrity algorithm selected by the SGSN are the 128-EEA1 algorithm and the 128-EIA1 algorithm, respectively, the first algorithm type indicates and the second The different values indicated by the algorithm type can distinguish the 128-EEA1 algorithm and the 128-EIA1 algorithm, and can make the calculated values of the second encryption key and the second integrity key different to distinguish the second encryption key and Second integrity key.
在一些可行的实施方式中,所述获取模块1703可以具体用于:In some possible implementations, the obtaining module 1703 may be specifically configured to:
根据第一加密密钥和第一完整性密钥计算中间密钥; Calculating an intermediate key according to the first encryption key and the first integrity key;
将所述中间密钥的第一预设比特位作为第二加密密钥,将所述中间密钥的第二预设比特位作为第二完整性密钥。The first preset bit of the intermediate key is used as the second encryption key, and the second preset bit of the intermediate key is used as the second integrity key.
在一些可行的实施方式中,在获取模块1703计算中间密钥之前,UE先根据SGSN发送的认证令牌AUTN和随机数RAND计算期望鉴权码XMAC,通过比较期望鉴权码XMAC与认证令牌AUTN中的消息鉴权码MAC是否相同来对SGSN侧进行认证。对SGSN侧的认证通过之后,UE根据SGSN发送的随机数RAND和认证令牌AUTN计算出第一加密密钥CK和第一完整性密钥IK,并计算随机数响应RES,以及将随机数响应RES发送给SGSN,以供SGSN侧对UE进行认证。In some feasible implementation manners, before the obtaining module 1703 calculates the intermediate key, the UE first calculates the expected authentication code XMAC according to the authentication token AUTN and the random number RAND sent by the SGSN, by comparing the expected authentication code XMAC with the authentication token. Whether the message authentication code MAC in the AUTN is the same to authenticate the SGSN side. After the authentication of the SGSN side is passed, the UE calculates the first encryption key CK and the first integrity key IK according to the random number RAND and the authentication token AUTN sent by the SGSN, and calculates a random number response RES, and responds with a random number. The RES is sent to the SGSN for the SGSN side to authenticate the UE.
作为一种可行的实施方式,获取模块1703可以对第一加密密钥和第一完整性密钥进行运算,然后将运算结果作为密钥推衍函数KDF的输入参数来计算中间密钥。例如,中间密钥可以为Km=KDF(CK||IK),其中CK||IK表示对第一加密密钥CK和第一完整性密钥IK进行连接运算。As a feasible implementation manner, the obtaining module 1703 may perform operations on the first encryption key and the first integrity key, and then use the operation result as an input parameter of the key derivation function KDF to calculate the intermediate key. For example, the intermediate key may be Km=KDF(CK||IK), where CK||IK represents a join operation on the first encryption key CK and the first integrity key IK.
作为另一种可行的实施方式,所述中间密钥可直接采用现有的64位GPRS加密密钥Kc或现有的128位加密密钥Kc128,即获取模块1703可以直接将现有的GPRS加密密钥Kc(64位)作为中间密钥,或直接将现有的Kc128(128位)作为中间密钥。其中Kc和Kc128都是根据CK和IK计算生成的。As another feasible implementation manner, the intermediate key may directly adopt an existing 64-bit GPRS encryption key Kc or an existing 128-bit encryption key Kc128, that is, the acquisition module 1703 may directly encrypt the existing GPRS. The key Kc (64 bits) is used as the intermediate key, or the existing Kc128 (128 bits) is directly used as the intermediate key. Kc and Kc128 are generated based on CK and IK calculations.
作为一种可行的实施方式,获取模块1703可以将所述中间密钥的第一预设比特位作为第二加密密钥。例如,若GPRS系统需要64位的第二加密密钥,则可以直接将所述中间密钥的最高64位作为第二加密密钥;若GPRS系统需要128位的第二加密密钥,则可以直接将所述中间密钥的最高128位作为第二加密密钥。可选地,也可以从所述中间密钥中任意选取所需位数的比特位作为第二加密密钥,本申请对此不做限定。As a possible implementation manner, the obtaining module 1703 may use the first preset bit of the intermediate key as the second encryption key. For example, if the GPRS system requires a 64-bit second encryption key, the highest 64 bits of the intermediate key can be directly used as the second encryption key; if the GPRS system requires a 128-bit second encryption key, then The highest 128 bits of the intermediate key are directly used as the second encryption key. Optionally, the bit of the required number of bits can be arbitrarily selected from the intermediate key as the second encryption key, which is not limited in this application.
作为一种可行的实施方式,获取模块1703可以将所述中间密钥的第二预设比特位作为第二完整性密钥。例如,若GPRS系统需要64位的第二完整性密钥,则可以直接将所述中间密钥的最低64位作为第二完整性密钥;若GPRS系统需要128位的第二完整性密钥,则可以直接将所述中间密钥的最低128位作为第二完整性密钥。可选地,也可以从所述中间密钥中任意选取所需位数的比特位作为第二完整性密钥,本申请对此不做限定。 As a possible implementation manner, the obtaining module 1703 may use the second preset bit of the intermediate key as the second integrity key. For example, if the GPRS system requires a 64-bit second integrity key, the lowest 64 bits of the intermediate key can be directly used as the second integrity key; if the GPRS system requires a 128-bit second integrity key Then, the lowest 128 bits of the intermediate key can be directly used as the second integrity key. Optionally, the bit of the required number of bits can be arbitrarily selected from the intermediate key as the second integrity key, which is not limited in this application.
在一些可行的实施方式中,所述获取模块1703可以具体用于:In some possible implementations, the obtaining module 1703 may be specifically configured to:
将第一加密密钥或者所述第一加密密钥的预设比特位作为所述第二加密密钥;Using a first encryption key or a preset bit of the first encryption key as the second encryption key;
将第一完整性密钥或者所述第一完整性密钥的预设比特位作为所述第二完整性密钥。The first integrity key or the preset bit of the first integrity key is used as the second integrity key.
在一些可行的实施方式中,在获取模块1703计算第二加密密钥或第二完整性密钥之前,UE可先根据认证令牌AUTN和随机数RAND计算期望鉴权码XMAC,通过比较期望鉴权码XMAC与认证令牌AUTN中的消息鉴权码MAC是否相同来对SGSN侧进行认证。对SGSN侧的认证通过之后,UE根据SGSN发送的随机数RAND和认证令牌AUTN计算出第一加密密钥CK和第一完整性密钥IK,并计算随机数响应RES,以及将随机数响应RES发送给SGSN,以供SGSN侧对UE进行认证。In some feasible implementation manners, before the obtaining module 1703 calculates the second encryption key or the second integrity key, the UE may first calculate the expected authentication code XMAC according to the authentication token AUTN and the random number RAND, by comparing the expected identification. The weight code XMAC is the same as the message authentication code MAC in the authentication token AUTN to authenticate the SGSN side. After the authentication of the SGSN side is passed, the UE calculates the first encryption key CK and the first integrity key IK according to the random number RAND and the authentication token AUTN sent by the SGSN, and calculates a random number response RES, and responds with a random number. The RES is sent to the SGSN for the SGSN side to authenticate the UE.
在一些可行的实施方式中,第一加密密钥为128位密钥,GPRS系统所需的第二加密密钥也为128位密钥,则可以直接将第一加密密钥作为第二加密密钥;若GPRS系统所需的第二加密密钥为64位密钥,则可从第一加密密钥中选取64个预设比特位作为第二加密密钥,例如选取最高64位作为第二加密密钥。In some possible implementations, the first encryption key is a 128-bit key, and the second encryption key required by the GPRS system is also a 128-bit key, and the first encryption key can be directly used as the second encryption key. Key; if the second encryption key required by the GPRS system is a 64-bit key, 64 preset bits may be selected from the first encryption key as the second encryption key, for example, selecting the highest 64 bits as the second key Encryption key.
在一些可行的实施方式中,第一完整性密钥为128位密钥,GPRS系统所需的第二完整性密钥也为128位密钥,则可以直接将第一完整性密钥作为第二完整性密钥;若GPRS系统所需的第二完整性密钥为64位密钥,则可从第一完整性密钥中选取64个预设比特位作为第二完整性密钥,例如选取最高64位作为第二完整性密钥。In some possible implementations, the first integrity key is a 128-bit key, and the second integrity key required by the GPRS system is also a 128-bit key, and the first integrity key can be directly used as the first a second integrity key; if the second integrity key required by the GPRS system is a 64-bit key, 64 preset bits may be selected from the first integrity key as the second integrity key, for example The highest 64 bits are selected as the second integrity key.
本申请实施例中,UE向SGSN发送请求消息,接收SGSN发送的加密算法和完整性算法,根据第一加密密钥和第一完整性密钥计算第二加密密钥和第二完整性密钥。SGSN和UE双方可通过第二加密密钥、第二完整性密钥、SGSN向UE发送的加密算法和完整性算法来对UE和SGSN之间的通信消息进行加密保护和完整性保护,增强第一类型UE在GPRS网络中通信的安全性。In this embodiment, the UE sends a request message to the SGSN, receives an encryption algorithm and an integrity algorithm sent by the SGSN, and calculates a second encryption key and a second integrity key according to the first encryption key and the first integrity key. . Both the SGSN and the UE can perform encryption protection and integrity protection on the communication message between the UE and the SGSN by using the second encryption key, the second integrity key, and the encryption algorithm and the integrity algorithm sent by the SGSN to the UE. The security of communication of a type of UE in a GPRS network.
请参阅图20,图20是本申请提供的UE的另一实施例的结构示意图。如图20所示,该UE可包括发送装置2001、接收装置2002和处理器2003,上 述发送装置2001、接收装置2002和处理器2003可通过总线相连,其中:Referring to FIG. 20, FIG. 20 is a schematic structural diagram of another embodiment of a UE provided by the present application. As shown in FIG. 20, the UE may include a transmitting device 2001, a receiving device 2002, and a processor 2003. The transmitting device 2001, the receiving device 2002 and the processor 2003 can be connected by a bus, wherein:
发送装置2001,用于向SGSN发送请求消息;The sending device 2001 is configured to send a request message to the SGSN;
接收装置2002,用于接收所述SGSN发送的加密算法和完整性算法;The receiving device 2002 is configured to receive an encryption algorithm and an integrity algorithm sent by the SGSN;
处理器2003,用于根据第一加密密钥和第一完整性密钥,获取第二加密密钥和第二完整性密钥;The processor 2003 is configured to obtain a second encryption key and a second integrity key according to the first encryption key and the first integrity key;
其中,所述第二加密密钥和所述加密算法用于对所述SGSN和所述UE之间传输的消息进行机密性保护,所述第二完整性密钥和所述完整性算法用于对所述SGSN和所述UE之间传输的消息进行完整性保护。The second encryption key and the encryption algorithm are used to perform confidentiality protection on a message transmitted between the SGSN and the UE, where the second integrity key and the integrity algorithm are used. Performing integrity protection on messages transmitted between the SGSN and the UE.
在一些可行的实施方式中,发送装置2001向所述SGSN发送的请求消息中包含UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE。In some feasible implementation manners, the request message sent by the sending apparatus 2001 to the SGSN includes UE type indication information, where the UE type indication information is used to indicate that the UE is a first type of UE.
在一些可行的实施方式中,处理器2003根据第一加密密钥和第一完整性密钥,获取第二加密密钥和第二完整性密钥,包括:In some possible implementations, the processor 2003 acquires the second encryption key and the second integrity key according to the first encryption key and the first integrity key, including:
处理器2003根据第一加密密钥和第一完整性密钥,计算中间密钥;The processor 2003 calculates an intermediate key according to the first encryption key and the first integrity key;
处理器2003根据所述中间密钥和加密特征字符串,计算第二加密密钥;The processor 2003 calculates a second encryption key according to the intermediate key and the encryption feature string;
处理器2003根据所述中间密钥和完整性特征字符串,计算第二完整性密钥。The processor 2003 calculates a second integrity key based on the intermediate key and the integrity feature string.
在一些可行的实施方式中,处理器2003根据第一加密密钥和第一完整性密钥,获取第二加密密钥和第二完整性密钥,包括:In some possible implementations, the processor 2003 acquires the second encryption key and the second integrity key according to the first encryption key and the first integrity key, including:
处理器2003根据所述第一加密密钥和第一完整性密钥,计算中间密钥;处理器2003将所述中间密钥的第一预设比特位作为第二加密密钥,将所述中间密钥的第二预设比特位作为第二完整性密钥;或者,The processor 2003 calculates an intermediate key according to the first encryption key and the first integrity key; the processor 2003 uses the first preset bit of the intermediate key as a second encryption key, The second preset bit of the intermediate key is used as the second integrity key; or
处理器2003根据第一加密密钥、第一算法类型指示和所述加密算法的标识计算第二加密密钥;处理器2003根据第一完整性密钥、第二算法类型指示和所述完整性算法的标识计算第二完整性密钥;或者,The processor 2003 calculates a second encryption key according to the first encryption key, the first algorithm type indication, and the identifier of the encryption algorithm; the processor 2003 according to the first integrity key, the second algorithm type indication, and the integrity The identifier of the algorithm calculates a second integrity key; or,
处理器2003将第一加密密钥或者第一加密密钥的预设比特位作为第二加密密钥;处理器2003将第一完整性密钥或者第一完整性密钥的预设比特位作为第二完整性密钥。The processor 2003 uses the first encryption key or the preset bit of the first encryption key as the second encryption key; the processor 2003 uses the first integrity key or the preset bit of the first integrity key as the Second integrity key.
在一些可行的实施方式中,所述第一加密密钥为认证向量五元组中的加密 密钥CK,所述第一完整性密钥为所述认证向量五元组中的完整性密钥IK。In some possible implementations, the first encryption key is an encryption in an authentication vector quintuple a key CK, the first integrity key being an integrity key IK in the authentication vector quintuple.
在一些可行的实施方式中,所述中间密钥为64位GPRS加密密钥Kc或128位加密密钥Kc128。In some possible implementations, the intermediate key is a 64-bit GPRS encryption key Kc or a 128-bit encryption key Kc128.
本申请实施例中,UE向SGSN发送请求消息,根据SGSN选择的加密算法和完整性算法、第一加密密钥和第一完整性密钥计算第二加密密钥和第二完整性密钥,通过第二加密密钥和第二完整性密钥对UE和SGSN之间的通信消息进行加密保护和完整性保护,增强第一类型UE在GPRS网络中通信的安全性。In this embodiment, the UE sends a request message to the SGSN, and calculates a second encryption key and a second integrity key according to the encryption algorithm and the integrity algorithm selected by the SGSN, the first encryption key, and the first integrity key. Encryption protection and integrity protection of the communication message between the UE and the SGSN by the second encryption key and the second integrity key enhance the security of communication of the first type UE in the GPRS network.
请参阅图21,图21为本申请实施例提供的HLR/HSS的一实施例的结构示意图。如图21所示,该HLR/HSS可包括接收模块2101、确定模块2102和发送模块2103,其中:Referring to FIG. 21, FIG. 21 is a schematic structural diagram of an embodiment of an HLR/HSS according to an embodiment of the present application. As shown in FIG. 21, the HLR/HSS may include a receiving module 2101, a determining module 2102, and a sending module 2103, where:
接收模块2101,用于接收服务GPRS支持节点SGSN发送的用户设备UE的标识。The receiving module 2101 is configured to receive an identifier of the user equipment UE that is sent by the serving GPRS support node SGSN.
归属位置寄存器(Home Location Register,HLR)是GPRS系统的永久数据库,存储了管理众多移动用户通信所需的信息,包括已注册的移动用户的身份信息、业务信息、服务授权等静态信息,以及用户的位置信息等动态信息。归属签约系统HSS(Home Subscription System,HSS)是HLR的演进和升级,主要负责管理用户的签约数据及移动用户的位置信息。由于HSS与HLR在网络中功能类似,所存储数据有较多重复,通常对外呈现为HSS与HLR融合设备。本申请实施例中,HLR/HSS可以是HLR设备、HSS设备或HLR和HSS的融合设备。The Home Location Register (HLR) is a permanent database of the GPRS system, which stores information needed to manage the communication of many mobile users, including static information such as registered mobile users' identity information, service information, service authorization, and users. Dynamic information such as location information. The Home Subscription System (HSS) is an evolution and upgrade of the HLR. It is mainly responsible for managing the subscription data of users and the location information of mobile users. Since the HSS and the HLR function similarly in the network, the stored data has more repetitions, and is usually presented as an HSS and HLR fusion device. In the embodiment of the present application, the HLR/HSS may be an HLR device, an HSS device, or a fusion device of an HLR and an HSS.
本申请实施例中,UE通过USIM卡与网络通信,UE的标识可以是USIM卡的IMSI(International Mobile Subscriber Identification Number,国际移动用户识别码)。In the embodiment of the present application, the UE communicates with the network through the USIM card, and the identifier of the UE may be an IMSI (International Mobile Subscriber Identification Number) of the USIM card.
确定模块2102,用于根据所述UE的标识确定所述UE为第一类型UE。The determining module 2102 is configured to determine, according to the identifier of the UE, that the UE is a first type of UE.
具体实施中,HLR/HSS存储着众多UE的各种信息,在接收SGSN发送的UE的标识后,HLR/HSS可查询所述UE的相关信息,以确定所述UE是否为第一类型UE。本申请实施例以所述UE为第一类型UE为例进行说明。In a specific implementation, the HLR/HSS stores various information of a plurality of UEs. After receiving the identifier of the UE sent by the SGSN, the HLR/HSS may query related information of the UE to determine whether the UE is a UE of the first type. The embodiment of the present application is described by taking the UE as the first type of UE as an example.
本申请实施例中,第一类型UE可包括物联网UE、机器通信(Machine To  Machine,M2M)UE或其他高安全性UE。其中物联网UE指的是具备信息传感功能和数据传输功能的用户设备,例如导览机、个人数字助理、条码采集器、数据采集终端和主要用于消费或转账的POS机等。机器通信UE指的是具备联网和通信能力,通过传感器、控制器等来实现“智能”属性,从而能与人、移动网络或其他机器进行信息交流的用户设备。In the embodiment of the present application, the first type of UE may include an Internet of Things UE and a machine communication (Machine To Machine, M2M) UE or other high security UE. Among them, the Internet of Things (UE) refers to user equipments with information sensing functions and data transmission functions, such as navigation machines, personal digital assistants, bar code collectors, data collection terminals, and POS machines mainly used for consumption or transfer. Machine communication UE refers to a user equipment that has networking and communication capabilities, and realizes "smart" attributes through sensors, controllers, etc., so that information can be exchanged with people, mobile networks or other machines.
发送模块2103,用于向所述SGSN发送UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE。The sending module 2103 is configured to send the UE type indication information to the SGSN, where the UE type indication information is used to indicate that the UE is a first type of UE.
可选地,UE类型指示信息可通过特定信息元素(Information Element,IE)的存在性来指示UE为第一类型UE,例如,当SGSN接收到HLR/HSS或者UE发送的UE类型指示信息时,若UE类型指示信息中存在某一特定IE,SGSN则可确定UE为第一类型UE,否则可确定UE不是第一类型UE。或者,UE类型指示信息还可通过特定IE的取值来指示UE为第一类型UE,例如,当SGSN接收到HLR/HSS或者UE发送的UE类型指示信息时,若UE类型指示信息中某一特定IE的取值为1,SGSN可确定UE为第一类型UE,若该特定IE的取值为0,则SGSN可确定UE不是第一类型UE。Optionally, the UE type indication information may indicate that the UE is the first type of UE by using the presence of a specific information element (IE), for example, when the SGSN receives the HLR/HSS or the UE type indication information sent by the UE, If a certain IE exists in the UE type indication information, the SGSN may determine that the UE is the first type of UE, and may determine that the UE is not the first type of UE. Alternatively, the UE type indication information may also indicate that the UE is the first type of UE by using the value of the specific IE. For example, when the SGSN receives the HLR/HSS or the UE type indication information sent by the UE, if the UE type indication information is in the UE type indication information, If the value of the specific IE is 1, the SGSN may determine that the UE is the first type of UE. If the value of the specific IE is 0, the SGSN may determine that the UE is not the first type of UE.
本申请实施例中,HLR/HSS还可以向SGSN发送认证向量,认证向量中包括第一加密密钥和第一完整性密钥。In the embodiment of the present application, the HLR/HSS may also send an authentication vector to the SGSN, where the authentication vector includes a first encryption key and a first integrity key.
在一些可行的实施方式中,上述认证向量可以为认证向量五元组,其中包括随机数RAND、期望响应XRES、认证令牌AUTN、加密密钥CK和完整性密钥IK。第一加密密钥即为认证向量五元组中的加密密钥CK,第一完整性密钥即为认证向量五元组中的完整性密钥IK。In some possible implementations, the above authentication vector may be an authentication vector quintuple including a random number RAND, a desired response XRES, an authentication token AUTN, an encryption key CK, and an integrity key IK. The first encryption key is the encryption key CK in the authentication vector quintuple, and the first integrity key is the integrity key IK in the authentication vector quintuple.
本申请实施例中,HLR/HSS可接收SGSN发送的UE的标识,根据UE的标识确定UE为第一类型UE,并向SGSN发送UE类型指示信息,以指示该UE为第一类型UE,使SGSN可以和第一类型UE之间进行针对第一类型UE的密钥增强处理,提高第一类型UE在GPRS网络中通信的安全性。In this embodiment, the HLR/HSS may receive the identifier of the UE that is sent by the SGSN, determine that the UE is the first type of UE according to the identifier of the UE, and send the UE type indication information to the SGSN to indicate that the UE is the first type of UE. The SGSN may perform key enhancement processing for the first type of UE with the first type of UE to improve the security of communication of the first type of UE in the GPRS network.
请参阅图22,图22为本申请实施例提供的HLR/HSS的另一实施例的结构示意图。如图22所示,该HLR/HSS可包括接收装置2201、发送装置2202、和处理器2203,上述接收装置2201、发送装置2202、和处理器2203通过总线相连,其中: Referring to FIG. 22, FIG. 22 is a schematic structural diagram of another embodiment of an HLR/HSS according to an embodiment of the present application. As shown in FIG. 22, the HLR/HSS may include a receiving device 2201, a transmitting device 2202, and a processor 2203. The receiving device 2201, the transmitting device 2202, and the processor 2203 are connected by a bus, where:
上述接收装置2201,用于接收SGSN发送的用户设备UE的标识;The receiving device 2201 is configured to receive an identifier of the user equipment UE that is sent by the SGSN.
上述处理器2203,用于根据所述UE的标识确定所述UE为第一类型UE;The processor 2203 is configured to determine, according to the identifier of the UE, that the UE is a first type UE;
上述发送装置2202,用于向所述SGSN发送UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE。The sending device 2202 is configured to send the UE type indication information to the SGSN, where the UE type indication information is used to indicate that the UE is a first type of UE.
本申请实施例中,HLR/HSS可接收SGSN发送的UE的标识,根据UE的标识确定UE为第一类型UE,并向SGSN发送UE类型指示信息,以指示该UE为第一类型UE,使SGSN可以和第一类型UE之间进行针对第一类型UE的密钥增强处理,提高第一类型UE在GPRS网络中通信的安全性。In this embodiment, the HLR/HSS may receive the identifier of the UE that is sent by the SGSN, determine that the UE is the first type of UE according to the identifier of the UE, and send the UE type indication information to the SGSN to indicate that the UE is the first type of UE. The SGSN may perform key enhancement processing for the first type of UE with the first type of UE to improve the security of communication of the first type of UE in the GPRS network.
请参阅图23,图23为本申请实施例提供的GPRS系统的一实施例的结构示意图。如图23所示,该GPRS系统可包括SGSN设备2301、UE2302和HLR/HSS2303,其中:Referring to FIG. 23, FIG. 23 is a schematic structural diagram of an embodiment of a GPRS system according to an embodiment of the present application. As shown in FIG. 23, the GPRS system may include an SGSN device 2301, a UE 2302, and an HLR/HSS 2303, where:
所述SGSN设备用于:接收UE发送的请求消息,从HLR/HSS获取认证向量,所述认证向量包含第一加密密钥和第一完整性密钥,若所述SGSN确定所述UE为第一类型UE,则为所述UE选择一种加密算法和一种完整性算法,将所选择的加密算法和完整性算法发送给所述UE,并根据所述第一加密密钥和上述第一完整性密钥,获得第二加密密钥和第二完整性密钥;The SGSN device is configured to: receive a request message sent by the UE, and obtain an authentication vector from the HLR/HSS, where the authentication vector includes a first encryption key and a first integrity key, if the SGSN determines that the UE is the first a type of UE, selecting an encryption algorithm and an integrity algorithm for the UE, sending the selected encryption algorithm and integrity algorithm to the UE, and according to the first encryption key and the first An integrity key, obtaining a second encryption key and a second integrity key;
所述UE用于:向SGSN发送请求消息,接收所述SGSN发送的加密算法和完整性算法,并根据所述第一加密密钥和所述第一完整性密钥,获取所述第二加密密钥和所述第二完整性密钥;The UE is configured to: send a request message to the SGSN, receive an encryption algorithm and an integrity algorithm sent by the SGSN, and acquire the second encryption according to the first encryption key and the first integrity key. a key and the second integrity key;
其中,所述第二加密密钥和所述加密算法用于对所述SGSN和所述UE之间传输的消息进行机密性保护,所述第二完整性密钥和所述完整性算法用于对所述SGSN和所述UE之间传输的消息进行完整性保护。The second encryption key and the encryption algorithm are used to perform confidentiality protection on a message transmitted between the SGSN and the UE, where the second integrity key and the integrity algorithm are used. Performing integrity protection on messages transmitted between the SGSN and the UE.
在一些可行的实施方式中,HLR/HSS2303可用于:In some possible implementations, the HLR/HSS 2303 can be used to:
接收所述SGSN发送的所述UE的标识;Receiving an identifier of the UE sent by the SGSN;
根据所述UE的标识确定所述UE为第一类型UE;Determining, according to the identifier of the UE, that the UE is a first type UE;
向所述SGSN发送UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE。Sending UE type indication information to the SGSN, where the UE type indication information is used to indicate that the UE is a first type of UE.
本申请实施例中,UE向SGSN发送请求消息,SGSN在判断UE为第一类型UE之后,选择加密算法和完整性算法,UE和SGSN双方根据第一加密 密钥和第一完整性密钥,计算增强的第二加密密钥和第二完整性密钥,通过第二加密密钥、第二完整性密钥以及SGSN选择的加密算法和完整性算法对UE和SGSN之间的通信消息进行加密保护和完整性保护,增强第一类型UE在GPRS网络中通信的安全性。In the embodiment of the present application, the UE sends a request message to the SGSN, and after determining that the UE is the first type of UE, the SGSN selects an encryption algorithm and an integrity algorithm, and the UE and the SGSN perform the first encryption according to the first encryption. Key and first integrity key, calculating an enhanced second encryption key and a second integrity key, using a second encryption key, a second integrity key, and an encryption algorithm and an integrity algorithm selected by the SGSN The communication message between the UE and the SGSN performs encryption protection and integrity protection, and enhances the security of communication of the first type UE in the GPRS network.
本申请实施例还相应公开了一种计算机存储介质,该计算机存储介质中存储有程序,运行该程序时可执行如本申请的图1-5任一项所描述的实施例。The embodiment of the present application also correspondingly discloses a computer storage medium having a program stored therein, and the embodiment described in any of FIGS. 1-5 of the present application may be executed when the program is run.
本申请实施例还相应公开了另一种计算机存储介质,该计算机存储介质中存储有程序,运行该程序时可执行如本申请的图6-10任一项所描述的实施例。Another embodiment of the present application also discloses a computer storage medium having a program stored therein that can execute an embodiment as described in any of FIGS. 6-10 of the present application.
本申请实施例还相应公开了又一种计算机存储介质,该计算机存储介质中存储有程序,运行该程序时可执行如本申请的图11所描述的实施例。The embodiment of the present application further discloses another computer storage medium, wherein the computer storage medium stores a program, and when the program is executed, the embodiment as described in FIG. 11 of the present application can be executed.
需要说明的是,对于前述的各个方法实施例,为了简单描述,故将其都表述为一系列的动作组合,但是本领域技术人员应该知悉,本申请并不受所描述的动作顺序的限制,因为依据本申请,某一些步骤可以采用其他顺序或者同时进行。其次,本领域技术人员也应该知悉,说明书中所描述的实施例均属于优选实施例,所涉及的动作和模块并不一定是本申请所必须的。It should be noted that, for the foregoing various method embodiments, for the sake of brevity, they are all described as a series of action combinations, but those skilled in the art should understand that the present application is not limited by the described action sequence. Because some steps may be performed in other orders or concurrently in accordance with the present application. In the following, those skilled in the art should also understand that the embodiments described in the specification are all preferred embodiments, and the actions and modules involved are not necessarily required by the present application.
在上述实施例中,对各个实施例的描述都各有侧重,某个实施例中没有详细描述的部分,可以参见其他实施例的相关描述。In the above embodiments, the descriptions of the various embodiments are different, and the parts that are not described in detail in a certain embodiment can be referred to the related descriptions of other embodiments.
本领域普通技术人员可以理解上述实施例的各种方法中的全部或部分步骤是可以通过程序来指令相关的硬件来完成,该程序可以存储于一计算机可读存储介质中,存储介质可以包括:闪存盘、只读存储器(Read-Only Memory,ROM)、随机存取器(Random Access Memory,RAM)、磁盘或光盘等。A person skilled in the art may understand that all or part of the various steps of the foregoing embodiments may be performed by a program to instruct related hardware. The program may be stored in a computer readable storage medium, and the storage medium may include: Flash disk, Read-Only Memory (ROM), Random Access Memory (RAM), disk or optical disk.
以上对本申请实施例所提供的GPRS系统密钥增强的方法、SGSN设备、UE、HLR/HSS及GPRS系统进行了详细介绍,本文中应用了具体个例对本申请的原理及实施方式进行了阐述,以上实施例的说明只是用于帮助理解本申请的方法及其核心思想;同时,对于本领域的一般技术人员,依据本申请的思想,在具体实施方式及应用范围上均会有改变之处,综上所述,本说明书内容不应理解为对本申请的限制。 The GPRS system key enhancement method, the SGSN device, the UE, the HLR/HSS, and the GPRS system provided by the embodiments of the present application are described in detail. The specific examples are used to explain the principles and implementation manners of the present application. The description of the above embodiments is only for helping to understand the method of the present application and its core ideas; at the same time, for those of ordinary skill in the art, according to the idea of the present application, there will be changes in specific embodiments and application scopes. In summary, the content of this specification should not be construed as limiting the application.

Claims (47)

  1. 一种GPRS系统密钥增强的方法,其特征在于,包括:A method for key enhancement of a GPRS system, comprising:
    服务GPRS支持节点SGSN接收用户设备UE发送的请求消息;The serving GPRS support node SGSN receives the request message sent by the user equipment UE;
    所述SGSN从归属位置寄存器HLR/归属签约系统HSS获取认证向量,所述认证向量包含第一加密密钥和第一完整性密钥;The SGSN acquires an authentication vector from a home location register HLR/home subscription system HSS, where the authentication vector includes a first encryption key and a first integrity key;
    若所述SGSN确定所述UE为第一类型UE,则为所述UE选择一种加密算法和一种完整性算法,并将所选择的加密算法和完整性算法发送给所述UE;If the SGSN determines that the UE is a first type of UE, select an encryption algorithm and an integrity algorithm for the UE, and send the selected encryption algorithm and integrity algorithm to the UE;
    所述SGSN根据所述第一加密密钥和所述第一完整性密钥,获得第二加密密钥和第二完整性密钥;The SGSN obtains a second encryption key and a second integrity key according to the first encryption key and the first integrity key;
    其中,所述第二加密密钥和所选择的加密算法用于对所述SGSN和所述UE之间传输的消息进行机密性保护,所述第二完整性密钥和所选择的完整性算法用于对所述SGSN和所述UE之间传输的消息进行完整性保护。The second encryption key and the selected encryption algorithm are used to perform confidentiality protection on a message transmitted between the SGSN and the UE, the second integrity key and the selected integrity algorithm. And used for integrity protection of messages transmitted between the SGSN and the UE.
  2. 根据权利要求1所述的方法,其特征在于,所述请求消息中包含所述UE的标识,所述SGSN确定所述UE为第一类型UE包括:The method according to claim 1, wherein the request message includes an identifier of the UE, and the SGSN determines that the UE is a first type of UE, including:
    所述SGSN将所述UE的标识发送给所述HLR/HSS,以使所述HLR/HSS根据所述UE的标识确定所述UE为第一类型UE,并向所述SGSN发送UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE;Sending, by the SGSN, the identifier of the UE to the HLR/HSS, so that the HLR/HSS determines that the UE is a first type of UE according to the identifier of the UE, and sends the UE type indication information to the SGSN. The UE type indication information is used to indicate that the UE is a first type UE;
    所述SGSN接收所述HLR/HSS发送的所述UE类型指示信息,确定所述UE为第一类型UE。The SGSN receives the UE type indication information sent by the HLR/HSS, and determines that the UE is a first type of UE.
  3. 根据权利要求1所述的方法,其特征在于,所述SGSN确定所述UE为第一类型UE,包括:The method according to claim 1, wherein the SGSN determines that the UE is a first type of UE, including:
    若所述请求消息包含UE类型指示信息,则所述SGSN确定所述UE为第一类型UE,其中,所述UE类型指示信息用于指示所述UE为第一类型UE。If the request message includes the UE type indication information, the SGSN determines that the UE is a first type of UE, where the UE type indication information is used to indicate that the UE is a first type of UE.
  4. 根据权利要求1-3任一项所述的方法,其特征在于,所述SGSN根据所述第一加密密钥和所述第一完整性密钥,获得第二加密密钥和第二完整性密 钥,包括:The method according to any one of claims 1-3, wherein the SGSN obtains a second encryption key and a second integrity according to the first encryption key and the first integrity key Secret Key, including:
    所述SGSN根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述SGSN根据所述中间密钥和加密特征字符串,计算所述第二加密密钥;所述SGSN根据所述中间密钥和完整性特征字符串,计算所述第二完整性密钥;或者,The SGSN calculates an intermediate key according to the first encryption key and the first integrity key; the SGSN calculates the second encryption key according to the intermediate key and the encryption feature string; The SGSN calculates the second integrity key according to the intermediate key and the integrity feature string; or
    所述SGSN根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述SGSN根据所述中间密钥、第一算法类型指示和所选择的加密算法的标识,计算所述第二加密密钥;所述SGSN根据所述中间密钥、第二算法类型指示和所选择的完整性算法的标识,计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同。The SGSN calculates an intermediate key according to the first encryption key and the first integrity key; the SGSN is configured according to the intermediate key, the first algorithm type indication, and the identifier of the selected encryption algorithm, Computing the second encryption key; the SGSN calculates the second integrity key according to the intermediate key, a second algorithm type indication, and an identifier of the selected integrity algorithm, where the first algorithm The type indication and the value indicated by the second algorithm type are different.
  5. 根据权利要求1-3任一项所述的方法,其特征在于,所述SGSN根据所述第一加密密钥和所述第一完整性密钥,获得第二加密密钥和第二完整性密钥,包括:The method according to any one of claims 1-3, wherein the SGSN obtains a second encryption key and a second integrity according to the first encryption key and the first integrity key Key, including:
    所述SGSN根据所述第一加密密钥和所述第一完整性密钥计算中间密钥;所述SGSN将所述中间密钥的第一预设比特位作为所述第二加密密钥,将所述中间密钥的第二预设比特位作为所述第二完整性密钥;或者,The SGSN calculates an intermediate key according to the first encryption key and the first integrity key; the SGSN uses a first preset bit of the intermediate key as the second encryption key, Using the second preset bit of the intermediate key as the second integrity key; or
    所述SGSN根据所述第一加密密钥、第一算法类型指示和所选择的加密算法的标识计算所述第二加密密钥;所述SGSN根据所述第一完整性密钥、第二算法类型指示和所选择的完整性算法的标识计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同;或者,The SGSN calculates the second encryption key according to the first encryption key, the first algorithm type indication, and the identifier of the selected encryption algorithm; the SGSN is configured according to the first integrity key and the second algorithm. The type indication and the identifier of the selected integrity algorithm calculate the second integrity key, wherein the first algorithm type indication and the second algorithm type indicate different values; or
    所述SGSN将所述第一加密密钥或者所述第一加密密钥的预设比特位作为所述第二加密密钥;所述SGSN将所述第一完整性密钥或者所述第一完整性密钥的预设比特位作为所述第二完整性密钥。The SGSN uses the first encryption key or a preset bit of the first encryption key as the second encryption key; the SGSN sets the first integrity key or the first The preset bit of the integrity key is used as the second integrity key.
  6. 根据权利要求4或5任一项所述的方法,其特征在于:A method according to any one of claims 4 or 5, wherein:
    所述认证向量为认证向量五元组;The authentication vector is an authentication vector quintuple;
    所述第一加密密钥为所述认证向量五元组中的的加密密钥CK,所述第一完整性密钥为所述认证向量五元组中的完整性密钥IK。 The first encryption key is an encryption key CK in the authentication vector quintuple, and the first integrity key is an integrity key IK in the authentication vector quintuple.
  7. 根据权利要求6所述的方法,其特征在于,所述中间密钥为64位GPRS加密密钥Kc或128位加密密钥Kc128。The method according to claim 6, wherein the intermediate key is a 64-bit GPRS encryption key Kc or a 128-bit encryption key Kc128.
  8. 一种GPRS系统密钥增强的方法,其特征在于,包括:A method for key enhancement of a GPRS system, comprising:
    用户设备UE向服务GPRS支持节点SGSN发送请求消息;The user equipment UE sends a request message to the serving GPRS support node SGSN;
    所述UE接收所述SGSN发送的加密算法和完整性算法;Receiving, by the UE, an encryption algorithm and an integrity algorithm sent by the SGSN;
    所述UE根据第一加密密钥和第一完整性密钥,获取第二加密密钥和第二完整性密钥;Obtaining, by the UE, the second encryption key and the second integrity key according to the first encryption key and the first integrity key;
    其中,所述第二加密密钥和所述加密算法用于对所述SGSN和所述UE之间传输的消息进行机密性保护,所述第二完整性密钥和所述完整性算法用于对所述SGSN和所述UE之间传输的消息进行完整性保护。The second encryption key and the encryption algorithm are used to perform confidentiality protection on a message transmitted between the SGSN and the UE, where the second integrity key and the integrity algorithm are used. Performing integrity protection on messages transmitted between the SGSN and the UE.
  9. 根据权利要求8所述的方法,其特征在于,所述UE向所述SGSN发送的请求消息中包含UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE。The method according to claim 8, wherein the request message sent by the UE to the SGSN includes UE type indication information, and the UE type indication information is used to indicate that the UE is a first type UE.
  10. 根据权利要求8或9任一项所述的方法,其特征在于,所述UE根据第一加密密钥和第一完整性密钥,获取第二加密密钥和第二完整性密钥,包括:The method according to any one of claims 8 or 9, wherein the UE acquires a second encryption key and a second integrity key according to the first encryption key and the first integrity key, including :
    所述UE根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述UE根据所述中间密钥和加密特征字符串,计算所述第二加密密钥;所述UE根据所述中间密钥和完整性特征字符串,计算所述第二完整性密钥;或者,The UE calculates an intermediate key according to the first encryption key and the first integrity key; the UE calculates the second encryption key according to the intermediate key and the encryption feature string; The UE calculates the second integrity key according to the intermediate key and the integrity feature string; or
    所述UE根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述UE根据所述中间密钥、第一算法类型指示和所述加密算法的标识,计算所述第二加密密钥;所述UE根据所述中间密钥、第二算法类型指示和所述完整性算法的标识,计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同。The UE calculates an intermediate key according to the first encryption key and the first integrity key; the UE calculates according to the intermediate key, the first algorithm type indication, and the identifier of the encryption algorithm. The second encryption key; the UE calculates the second integrity key according to the intermediate key, the second algorithm type indication, and the identifier of the integrity algorithm, where the first algorithm type indication The value indicated by the second algorithm type is different.
  11. 根据权利要求8或9任一项所述的方法,其特征在于,所述UE根据 加密算法和完整性算法、第一加密密钥和第一完整性密钥计算第二加密密钥和第二完整性密钥,包括:The method according to any one of claims 8 or 9, wherein the UE is based on The encryption algorithm and the integrity algorithm, the first encryption key, and the first integrity key calculate the second encryption key and the second integrity key, including:
    所述UE根据所述第一加密密钥和所述第一完整性密钥计算中间密钥;所述UE将所述中间密钥的第一预设比特位作为所述第二加密密钥,将所述中间密钥的第二预设比特位作为所述第二完整性密钥;或者,The UE calculates an intermediate key according to the first encryption key and the first integrity key; the UE uses a first preset bit of the intermediate key as the second encryption key, Using the second preset bit of the intermediate key as the second integrity key; or
    所述UE根据所述第一加密密钥、第一算法类型指示和所述加密算法的标识计算所述第二加密密钥;所述UE根据第一完整性密钥、算法类型指示和所述完整性算法的标识计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同;或者,The UE calculates the second encryption key according to the first encryption key, the first algorithm type indication, and the identifier of the encryption algorithm; the UE according to the first integrity key, the algorithm type indication, and the The identifier of the integrity algorithm calculates the second integrity key, wherein the first algorithm type indication and the second algorithm type indicate different values; or
    所述UE将所述第一加密密钥或者所述第一加密密钥的预设比特位作为所述第二加密密钥;所述UE将所述第一完整性密钥或者所述第一完整性密钥的预设比特位作为所述第二完整性密钥。The UE uses the first encryption key or a preset bit of the first encryption key as the second encryption key; the UE will use the first integrity key or the first The preset bit of the integrity key is used as the second integrity key.
  12. 根据权利要求10或11任一项所述的方法,其特征在于,所述第一加密密钥为认证向量五元组中的加密密钥CK,所述第一完整性密钥为所述认证向量五元组中的完整性密钥IK。The method according to any one of claims 10 or 11, wherein the first encryption key is an encryption key CK in an authentication vector quintuple, and the first integrity key is the authentication The integrity key IK in the vector quintuple.
  13. 根据权利要求12所述的方法,其特征在于,所述中间密钥为64位GPRS加密密钥Kc或128位加密密钥Kc128。The method according to claim 12, wherein the intermediate key is a 64-bit GPRS encryption key Kc or a 128-bit encryption key Kc128.
  14. 一种GPRS系统密钥增强的方法,其特征在于,包括:A method for key enhancement of a GPRS system, comprising:
    归属位置寄存器HLR/归属签约系统HSS接收服务GPRS支持节点SGSN发送的用户设备UE的标识;The home location register HLR/home subscription system HSS receives the identifier of the user equipment UE sent by the serving GPRS support node SGSN;
    所述HLR/HSS根据所述UE的标识确定所述UE为第一类型UE;Determining, by the HLR/HSS, that the UE is a first type UE according to the identifier of the UE;
    所述HLR/HSS向所述SGSN发送UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE。The HLR/HSS sends the UE type indication information to the SGSN, where the UE type indication information is used to indicate that the UE is a first type of UE.
  15. 一种服务GPRS支持节点SGSN设备,其特征在于,包括:A service GPRS support node SGSN device, comprising:
    接收模块,用于接收用户设备UE发送的请求消息; a receiving module, configured to receive a request message sent by the user equipment UE;
    获取模块,用于从归属位置寄存器HLR/归属签约系统HSS获取认证向量,所述认证向量包含第一加密密钥和第一完整性密钥;An obtaining module, configured to acquire an authentication vector from a home location register HLR/home subscription system HSS, where the authentication vector includes a first encryption key and a first integrity key;
    选择模块,用于在所述SGSN确定所述UE为第一类型UE时,为所述UE选择一种加密算法和一种完整性算法,并将所选择的加密算法和完整性算法发送给所述UE;a selecting module, configured to: when the SGSN determines that the UE is a first type of UE, select an encryption algorithm and an integrity algorithm for the UE, and send the selected encryption algorithm and integrity algorithm to the Said UE;
    获得模块,用于根据所述第一加密密钥和所述第一完整性密钥,获得第二加密密钥和第二完整性密钥;Obtaining a module, configured to obtain a second encryption key and a second integrity key according to the first encryption key and the first integrity key;
    其中,所述第二加密密钥和所选择的加密算法用于对所述SGSN和所述UE之间传输的消息进行机密性保护,所述第二完整性密钥和所选择的完整性算法用于对所述SGSN和所述UE之间传输的消息进行完整性保护。The second encryption key and the selected encryption algorithm are used to perform confidentiality protection on a message transmitted between the SGSN and the UE, the second integrity key and the selected integrity algorithm. And used for integrity protection of messages transmitted between the SGSN and the UE.
  16. 根据权利要求15所述的SGSN设备,其特征在于,所述请求消息中包含所述UE的标识,所述SGSN设备还包括:The SGSN device according to claim 15, wherein the request message includes an identifier of the UE, and the SGSN device further includes:
    发送模块,用于将所述UE的标识发送给HLR/HSS,以使所述HLR/HSS根据所述UE的标识判断所述UE是否为第一类型UE,并向所述SGSN发送UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE;a sending module, configured to send the identifier of the UE to the HLR/HSS, so that the HLR/HSS determines, according to the identifier of the UE, whether the UE is a first type UE, and sends a UE type indication to the SGSN. Information, the UE type indication information is used to indicate that the UE is a first type UE;
    第一确定模块,用于接收所述HLR/HSS发送的所述UE类型指示信息,确定所述UE为第一类型UE。The first determining module is configured to receive the UE type indication information that is sent by the HLR/HSS, and determine that the UE is a first type of UE.
  17. 根据权利要求15所述的SGSN设备,其特征在于,所述SGSN设备还包括:The SGSN device according to claim 15, wherein the SGSN device further comprises:
    第二确定模块,用于在所述请求消息包含UE类型指示信息时,确定所述UE为第一类型UE,其中,所述UE类型指示信息用于指示所述UE为第一类型UE。And a second determining module, configured to: when the request message includes the UE type indication information, determine that the UE is a first type of UE, where the UE type indication information is used to indicate that the UE is a first type of UE.
  18. 根据权利要求15-17任一项所述的SGSN设备,其特征在于,所述获得模块包括第一计算单元、第二计算单元和第三计算单元,其中:The SGSN device according to any one of claims 15-17, wherein the obtaining module comprises a first calculating unit, a second calculating unit and a third calculating unit, wherein:
    所述第一计算单元,用于根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述第二计算单元,用于根据所述中间密钥和加密特征字符串, 计算所述第二加密密钥;所述第三计算单元,用于根据所述中间密钥和完整性特征字符串,计算所述第二完整性密钥;或者,The first calculating unit is configured to calculate an intermediate key according to the first encryption key and the first integrity key; the second calculating unit is configured to use the intermediate key and the encryption feature String, Calculating the second encryption key; the third calculating unit, configured to calculate the second integrity key according to the intermediate key and the integrity feature string; or
    所述第一计算单元,用于根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述第二计算单元,用于根据所述中间密钥、第一算法类型指示和所选择的加密算法的标识,计算所述第二加密密钥;所述第三计算单元,用于根据所述中间密钥、第二算法类型指示和所选择的完整性算法的标识,计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同。The first calculating unit is configured to calculate an intermediate key according to the first encryption key and the first integrity key, and the second calculating unit is configured to use, according to the intermediate key, the first An algorithm type indication and an identifier of the selected encryption algorithm, the second encryption key is calculated; the third calculation unit is configured to perform, according to the intermediate key, the second algorithm type indication, and the selected integrity algorithm And identifying, the second integrity key, wherein the first algorithm type indication and the second algorithm type indicate different values.
  19. 根据权利要求15-17任一项所述的SGSN设备,其特征在于:The SGSN device according to any one of claims 15-17, characterized in that:
    所述获得模块具体用于:根据所述第一加密密钥和所述第一完整性密钥计算中间密钥;将所述中间密钥的第一预设比特位作为第二加密密钥,将所述中间密钥的第二预设比特位作为第二完整性密钥;或者,The obtaining module is specifically configured to: calculate an intermediate key according to the first encryption key and the first integrity key; and use a first preset bit of the intermediate key as a second encryption key, Using the second preset bit of the intermediate key as the second integrity key; or
    所述获得模块包括:第四计算单元,用于根据所述第一加密密钥、第一算法类型指示和所选择的加密算法的标识计算所述第二加密密钥;第五计算单元,用于根据所述第一完整性密钥、第二算法类型指示和所选择的完整性算法的标识计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同;或者,The obtaining module includes: a fourth calculating unit, configured to calculate the second encryption key according to the first encryption key, the first algorithm type indication, and the identifier of the selected encryption algorithm; the fifth calculating unit, Calculating the second integrity key according to the first integrity key, the second algorithm type indication, and an identifier of the selected integrity algorithm, wherein the first algorithm type indication and the second algorithm type The values indicated are not the same; or,
    所述获得模块具体用于:将所述认证向量中的第一加密密钥或者所述第一加密密钥的预设比特位作为所述第二加密密钥;将所述认证向量中的第一完整性密钥或者所述第一完整性密钥的预设比特位作为所述第二完整性密钥。The obtaining module is specifically configured to: use a first encryption key in the authentication vector or a preset bit of the first encryption key as the second encryption key; An integrity key or a preset bit of the first integrity key is used as the second integrity key.
  20. 根据权利要求18或19任一项所述的SGSN设备,其特征在于:The SGSN device according to any one of claims 18 or 19, characterized in that:
    所述认证向量为认证向量五元组;The authentication vector is an authentication vector quintuple;
    所述第一加密密钥为所述认证向量五元组中的的加密密钥CK,所述第一完整性密钥为所述认证向量五元组中的完整性密钥IK。The first encryption key is an encryption key CK in the authentication vector quintuple, and the first integrity key is an integrity key IK in the authentication vector quintuple.
  21. 根据权利要求20所述的SGSN设备,其特征在于,所述中间密钥为64位GPRS加密密钥Kc或128位加密密钥Kc128。 The SGSN device according to claim 20, characterized in that the intermediate key is a 64-bit GPRS encryption key Kc or a 128-bit encryption key Kc128.
  22. 一种计算机存储介质,其特征在于,所述计算机存储介质存储有程序,运行所述程序时执行包括如权利要求1至7任一项所述的步骤。A computer storage medium, characterized in that the computer storage medium stores a program, and when the program is executed, the steps of any one of claims 1 to 7 are performed.
  23. 一种服务GPRS支持节点SGSN设备,其特征在于,包括接收装置、发送装置和处理器,所述接收装置、所述发送装置和所述处理器通过总线相连,其中:A service GPRS support node SGSN device, comprising: a receiving device, a transmitting device and a processor, wherein the receiving device, the transmitting device and the processor are connected by a bus, wherein:
    所述接收装置,用于接收用户设备UE发送的请求消息;The receiving device is configured to receive a request message sent by the user equipment UE;
    所述处理器,用于:The processor is configured to:
    从归属位置寄存器HLR/归属签约系统HSS获取认证向量,所述认证向量包含第一加密密钥和第一完整性密钥;Obtaining an authentication vector from a home location register HLR/home subscription system HSS, the authentication vector including a first encryption key and a first integrity key;
    若所述SGSN确定所述UE为第一类型UE,则为所述UE选择一种加密算法和一种完整性算法;And if the SGSN determines that the UE is a first type of UE, selecting an encryption algorithm and an integrity algorithm for the UE;
    根据所述第一加密密钥和所述第一完整性密钥,获得第二加密密钥和第二完整性密钥;Obtaining a second encryption key and a second integrity key according to the first encryption key and the first integrity key;
    所述发送装置,用于将所选择的加密算法和完整性算法发送给所述UE;The sending device is configured to send the selected encryption algorithm and integrity algorithm to the UE;
    其中,所述第二加密密钥和所选择的加密算法用于对所述SGSN和所述UE之间传输的消息进行机密性保护,所述第二完整性密钥和所选择的完整性算法用于对所述SGSN和所述UE之间传输的消息进行完整性保护。The second encryption key and the selected encryption algorithm are used to perform confidentiality protection on a message transmitted between the SGSN and the UE, the second integrity key and the selected integrity algorithm. And used for integrity protection of messages transmitted between the SGSN and the UE.
  24. 根据权利要求23所述的SGSN设备,其特征在于,所述请求消息中包含所述UE的标识;The SGSN device according to claim 23, wherein the request message includes an identifier of the UE;
    所述发送装置,还用于将所述UE的标识发送给所述HLR/HSS,以使所述HLR/HSS根据所述UE的标识判断所述UE是否为第一类型UE,并向所述SGSN发送UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE;The sending device is further configured to send the identifier of the UE to the HLR/HSS, so that the HLR/HSS determines, according to the identifier of the UE, whether the UE is a first type UE, and The SGSN sends the UE type indication information, where the UE type indication information is used to indicate that the UE is a first type UE;
    所述处理器确定所述UE为第一类型UE,包括:所述处理器接收所述HLR/HSS发送的UE类型指示信息,确定所述UE为第一类型UE。 Determining, by the processor, that the UE is a first type of UE, the method includes: the processor receiving the UE type indication information sent by the HLR/HSS, and determining that the UE is a first type of UE.
  25. 根据权利要求23所述的SGSN设备,其特征在于,所述处理器确定所述UE为第一类型UE,包括:The SGSN device according to claim 23, wherein the processor determines that the UE is a first type of UE, including:
    若所述请求消息包含UE类型指示信息,则所述处理器确定所述UE为第一类型UE,其中,所述UE类型指示信息用于指示所述UE为第一类型UE。If the request message includes the UE type indication information, the processor determines that the UE is a first type of UE, where the UE type indication information is used to indicate that the UE is a first type of UE.
  26. 根据权利要求23-25任一项所述的SGSN设备,其特征在于,所述处理器根据所述第一加密密钥和所述第一完整性密钥,获得第二加密密钥和第二完整性密钥,包括:The SGSN device according to any one of claims 23-25, wherein the processor obtains a second encryption key and a second according to the first encryption key and the first integrity key Integrity key, including:
    所述处理器根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述处理器根据所述中间密钥和加密特征字符串,计算所述第二加密密钥;所述处理器根据所述中间密钥和完整性特征字符串,计算所述第二完整性密钥;或者,The processor calculates an intermediate key according to the first encryption key and the first integrity key; the processor calculates the second encryption key according to the intermediate key and the encryption feature string a key; the processor calculates the second integrity key according to the intermediate key and an integrity feature string; or
    所述处理器根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述处理器根据所述中间密钥、第一算法类型指示和所选择的加密算法的标识,计算所述第二加密密钥;所述处理器根据所述中间密钥、第二算法类型指示和所选择的完整性算法的标识,计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同。The processor calculates an intermediate key according to the first encryption key and the first integrity key; the processor is configured according to the intermediate key, the first algorithm type indication, and the selected encryption algorithm Identifying, calculating the second encryption key; the processor calculating the second integrity key according to the intermediate key, a second algorithm type indication, and an identifier of the selected integrity algorithm, wherein the The first algorithm type indication and the second algorithm type indicate different values.
  27. 根据权利要求23-25任一项所述的SGSN设备,其特征在于,所述处理器根据所述第一加密密钥和所述第一完整性密钥,获得第二加密密钥和第二完整性密钥,包括:The SGSN device according to any one of claims 23-25, wherein the processor obtains a second encryption key and a second according to the first encryption key and the first integrity key Integrity key, including:
    所述处理器根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述处理器将所述中间密钥的第一预设比特位作为所述第二加密密钥,将所述中间密钥的第二预设比特位作为所述第二完整性密钥;或者,The processor calculates an intermediate key according to the first encryption key and the first integrity key; the processor uses a first preset bit of the intermediate key as the second encryption a key, the second preset bit of the intermediate key is used as the second integrity key; or
    所述处理器根据所述认证向量中的第一加密密钥、第一算法类型指示和所选择的加密算法的标识,计算所述第二加密密钥;所述处理器根据所述认证向量中的第一完整性密钥、第二算法类型指示和所选择的完整性算法的标识计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同;或者, The processor calculates the second encryption key according to the first encryption key, the first algorithm type indication, and the identifier of the selected encryption algorithm in the authentication vector; the processor is according to the authentication vector Calculating the second integrity key by the first integrity key, the second algorithm type indication, and the identifier of the selected integrity algorithm, wherein the first algorithm type indication and the second algorithm type indication are taken Values are not the same; or,
    所述处理器将所述第一加密密钥或者所述第一加密密钥的预设比特位作为所述第二加密密钥;所述处理器将所述第一完整性密钥或者所述第一完整性密钥的预设比特位作为所述第二完整性密钥。The processor uses the first encryption key or a preset bit of the first encryption key as the second encryption key; the processor sets the first integrity key or the The preset bit of the first integrity key is used as the second integrity key.
  28. 根据权利要求26或27任一项所述的SGSN设备,其特征在于:The SGSN device according to any one of claims 26 or 27, characterized in that:
    所述认证向量为认证向量五元组;The authentication vector is an authentication vector quintuple;
    所述第一加密密钥为所述认证向量五元组中的的加密密钥CK,所述第一完整性密钥为所述认证向量五元组中的完整性密钥IK。The first encryption key is an encryption key CK in the authentication vector quintuple, and the first integrity key is an integrity key IK in the authentication vector quintuple.
  29. 根据权利要求28所述的SGSN设备,其特征在于,所述中间密钥为64位GPRS加密密钥Kc或128位加密密钥Kc128。The SGSN device according to claim 28, characterized in that the intermediate key is a 64-bit GPRS encryption key Kc or a 128-bit encryption key Kc128.
  30. 一种用户设备UE,其特征在于,包括:A user equipment (UE), comprising:
    发送模块,用于向服务GPRS支持节点SGSN发送请求消息;a sending module, configured to send a request message to the serving GPRS support node SGSN;
    接收模块,用于接收所述SGSN发送的加密算法和完整性算法;a receiving module, configured to receive an encryption algorithm and an integrity algorithm sent by the SGSN;
    获取模块,用于根据第一加密密钥和第一完整性密钥,获取第二加密密钥和第二完整性密钥;An acquiring module, configured to acquire a second encryption key and a second integrity key according to the first encryption key and the first integrity key;
    其中,所述第二加密密钥和所述加密算法用于对所述SGSN和所述UE之间传输的消息进行机密性保护,所述第二完整性密钥和所述完整性算法用于对所述SGSN和所述UE之间传输的消息进行完整性保护。The second encryption key and the encryption algorithm are used to perform confidentiality protection on a message transmitted between the SGSN and the UE, where the second integrity key and the integrity algorithm are used. Performing integrity protection on messages transmitted between the SGSN and the UE.
  31. 根据权利要求30所述的UE,其特征在于,所述UE向所述SGSN发送的请求消息中包含UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE。The UE according to claim 30, wherein the request message sent by the UE to the SGSN includes UE type indication information, and the UE type indication information is used to indicate that the UE is a first type UE.
  32. 根据权利要求30或31任一项所述的UE,其特征在于,所述获取模块包括第一计算单元、第二计算单元和第三计算单元,其中:The UE according to any one of claims 30 or 31, wherein the acquisition module comprises a first calculation unit, a second calculation unit and a third calculation unit, wherein:
    所述第一计算单元,用于根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述第二计算单元,用于根据所述中间密钥和加密特征字符串, 计算所述第二加密密钥;所述第三计算单元,用于根据所述中间密钥和完整性特征字符串,计算所述第二完整性密钥;或者,The first calculating unit is configured to calculate an intermediate key according to the first encryption key and the first integrity key; the second calculating unit is configured to use the intermediate key and the encryption feature String, Calculating the second encryption key; the third calculating unit, configured to calculate the second integrity key according to the intermediate key and the integrity feature string; or
    所述第一计算单元,用于根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述第二计算单元,用于根据所述中间密钥、第一算法类型指示和所述加密算法的标识,计算所述第二加密密钥;所述第三计算单元,用于根据所述中间密钥、第二算法类型指示和所述完整性算法的标识,计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同。The first calculating unit is configured to calculate an intermediate key according to the first encryption key and the first integrity key, and the second calculating unit is configured to use, according to the intermediate key, the first The algorithm type indication and the identifier of the encryption algorithm, and the second encryption key is calculated; the third calculating unit is configured to use, according to the intermediate key, the second algorithm type indication, and the identifier of the integrity algorithm, Calculating the second integrity key, wherein the first algorithm type indication and the second algorithm type indication value are different.
  33. 根据权利要求30或31任一项所述的UE,其特征在于,The UE according to any one of claims 30 or 31, wherein
    所述获取模块具体用于:根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;将所述中间密钥的第一预设比特位作为所述第二加密密钥,将所述中间密钥的第二预设比特位作为所述第二完整性密钥;或者,The acquiring module is specifically configured to: calculate an intermediate key according to the first encryption key and the first integrity key; and use a first preset bit of the intermediate key as the second encryption a key, the second preset bit of the intermediate key is used as the second integrity key; or
    所述计算模块包括:第四计算单元,用于根据所述第一加密密钥、第一算法类型指示和所述加密算法的标识计算所述第二加密密钥;第五计算单元,用于根据所述第一完整性密钥、第二算法类型指示和所述完整性算法的标识计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同;或者,The calculation module includes: a fourth calculation unit, configured to calculate the second encryption key according to the first encryption key, the first algorithm type indication, and the identifier of the encryption algorithm; and the fifth calculation unit is configured to: Calculating the second integrity key according to the first integrity key, the second algorithm type indication, and the identifier of the integrity algorithm, wherein the first algorithm type indication and the second algorithm type indication Values are not the same; or,
    所述获取模块具体用于:将所述第一加密密钥或者所述第一加密密钥的预设比特位作为所述第二加密密钥;将所述第一完整性密钥或者所述第一完整性密钥的预设比特位作为所述第二完整性密钥。The acquiring module is specifically configured to: use the first encryption key or a preset bit of the first encryption key as the second encryption key; and the first integrity key or the The preset bit of the first integrity key is used as the second integrity key.
  34. 根据权利要求32或33任一项所述的UE,其特征在于,所述第一加密密钥为认证向量五元组中的加密密钥CK,所述第一完整性密钥为所述认证向量五元组中的完整性密钥IK。The UE according to any one of claims 32 or 33, wherein the first encryption key is an encryption key CK in an authentication vector quintuple, and the first integrity key is the authentication The integrity key IK in the vector quintuple.
  35. 根据权利要求34所述的UE,其特征在于,所述中间密钥为64位GPRS加密密钥Kc或128位加密密钥Kc128。 The UE according to claim 34, characterized in that the intermediate key is a 64-bit GPRS encryption key Kc or a 128-bit encryption key Kc128.
  36. 一种计算机存储介质,其特征在于,所述计算机存储介质存储有程序,运行所述程序时执行包括如权利要求8至13任一项所述的步骤。A computer storage medium, characterized in that the computer storage medium stores a program, and when the program is executed, the steps of any one of claims 8 to 13 are performed.
  37. 一种用户设备UE,其特征在于,包括发送装置、接收装置和处理器,所述发送装置、所述接收装置和所述处理器通过总线连接,其中:A user equipment UE, comprising: a transmitting device, a receiving device and a processor, wherein the transmitting device, the receiving device and the processor are connected by a bus, wherein:
    所述发送装置,用于向服务GPRS支持节点SGSN发送请求消息;The sending device is configured to send a request message to the serving GPRS support node SGSN;
    所述接收装置,用于接收所述SGSN发送的加密算法和完整性算法;The receiving device is configured to receive an encryption algorithm and an integrity algorithm sent by the SGSN;
    所述处理器,用于根据第一加密密钥和第一完整性密钥,获取第二加密密钥和第二完整性密钥;The processor is configured to obtain a second encryption key and a second integrity key according to the first encryption key and the first integrity key;
    其中,所述第二加密密钥和所述加密算法用于对所述SGSN和所述UE之间传输的消息进行机密性保护,所述第二完整性密钥和所述完整性算法用于对所述SGSN和所述UE之间传输的消息进行完整性保护。The second encryption key and the encryption algorithm are used to perform confidentiality protection on a message transmitted between the SGSN and the UE, where the second integrity key and the integrity algorithm are used. Performing integrity protection on messages transmitted between the SGSN and the UE.
  38. 根据权利要求37所述的UE,其特征在于,所述发送装置向所述SGSN发送的请求消息中包含UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE。The UE according to claim 37, wherein the request message sent by the sending apparatus to the SGSN includes UE type indication information, and the UE type indication information is used to indicate that the UE is a first type UE.
  39. 根据权利要求37或38任一项所述的UE,其特征在于,所述处理器根据第一加密密钥和第一完整性密钥,获取第二加密密钥和第二完整性密钥,包括:The UE according to any one of claims 37 or 38, wherein the processor acquires a second encryption key and a second integrity key according to the first encryption key and the first integrity key. include:
    所述处理器根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述处理器根据所述中间密钥和加密特征字符串,计算所述第二加密密钥;所述处理器根据所述中间密钥和完整性特征字符串,计算所述第二完整性密钥;或者,The processor calculates an intermediate key according to the first encryption key and the first integrity key; the processor calculates the second encryption key according to the intermediate key and the encryption feature string a key; the processor calculates the second integrity key according to the intermediate key and an integrity feature string; or
    所述处理器根据所述第一加密密钥和所述第一完整性密钥,计算中间密钥;所述处理器根据所述中间密钥、第一算法类型指示和所述加密算法的标识,计算所述第二加密密钥;所述处理器根据所述中间密钥、第二算法类型指示和所述完整性算法的标识,计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同。 The processor calculates an intermediate key according to the first encryption key and the first integrity key; the processor is configured according to the intermediate key, a first algorithm type indication, and an identifier of the encryption algorithm Calculating the second encryption key; the processor calculating the second integrity key according to the intermediate key, the second algorithm type indication, and the identifier of the integrity algorithm, where the first The algorithm type indication and the second algorithm type indicate different values.
  40. 根据权利要求37或38任一项所述的UE,其特征在于,所述处理器根据第一加密密钥和第一完整性密钥,获取第二加密密钥和第二完整性密钥,包括:The UE according to any one of claims 37 or 38, wherein the processor acquires a second encryption key and a second integrity key according to the first encryption key and the first integrity key. include:
    所述处理器根据所述第一加密密钥和所述第一完整性密钥计算中间密钥;所述处理器将所述中间密钥的第一预设比特位作为所述第二加密密钥,将所述中间密钥的第二预设比特位作为所述第二完整性密钥;或者,The processor calculates an intermediate key according to the first encryption key and the first integrity key; the processor uses a first preset bit of the intermediate key as the second encryption key Key, the second preset bit of the intermediate key is used as the second integrity key; or
    所述处理器根据所述第一加密密钥、第一算法类型指示和所述加密算法的标识计算所述第二加密密钥;所述处理器根据所述第一完整性密钥、第二算法类型指示和所述完整性算法的标识计算所述第二完整性密钥,其中所述第一算法类型指示和所述第二算法类型指示的取值不相同;或者,The processor calculates the second encryption key according to the first encryption key, the first algorithm type indication, and the identifier of the encryption algorithm; the processor is configured according to the first integrity key, the second The algorithm type indication and the identifier of the integrity algorithm calculate the second integrity key, where the first algorithm type indication and the second algorithm type indicate different values; or
    所述处理器将所述第一加密密钥或者所述第一加密密钥的预设比特位作为所述第二加密密钥;所述处理器将所述第一完整性密钥或者所述第一完整性密钥的预设比特位作为所述第二完整性密钥。The processor uses the first encryption key or a preset bit of the first encryption key as the second encryption key; the processor sets the first integrity key or the The preset bit of the first integrity key is used as the second integrity key.
  41. 根据权利要求39或40任一项所述的UE,其特征在于,所述第一加密密钥为认证向量五元组中的加密密钥CK,所述第一完整性密钥为所述认证向量五元组中的完整性密钥IK。The UE according to any one of claims 39 or 40, wherein the first encryption key is an encryption key CK in an authentication vector quintuple, and the first integrity key is the authentication The integrity key IK in the vector quintuple.
  42. 根据权利要求41所述的UE,其特征在于,所述中间密钥为64位GPRS加密密钥Kc或128位加密密钥Kc128。The UE according to claim 41, characterized in that the intermediate key is a 64-bit GPRS encryption key Kc or a 128-bit encryption key Kc128.
  43. 一种归属位置寄存器HLR/归属签约系统HSS,其特征在于,包括:A home location register HLR/home subscription system HSS, comprising:
    接收模块,用于接收服务GPRS支持节点SGSN发送的用户设备UE的标识;a receiving module, configured to receive an identifier of the user equipment UE sent by the serving GPRS support node SGSN;
    确定模块,用于根据所述UE的标识确定所述UE为第一类型UE;a determining module, configured to determine, according to the identifier of the UE, that the UE is a first type UE;
    发送模块,用于向所述SGSN发送UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE。 And a sending module, configured to send the UE type indication information to the SGSN, where the UE type indication information is used to indicate that the UE is a first type of UE.
  44. 一种计算机存储介质,其特征在于,所述计算机存储介质存储有程序,运行所述程序时执行包括如权利要求14所述的步骤。A computer storage medium, characterized in that the computer storage medium stores a program, and the step of executing the program comprises the steps of claim 14.
  45. 一种归属位置寄存器HLR/归属签约系统HSS,其特征在于,包括发送装置、接收装置和处理器,所述发送装置、所述接收装置和所述处理器通过总线连接,其中:A home location register HLR/home signing system HSS, comprising: a transmitting device, a receiving device and a processor, wherein the transmitting device, the receiving device and the processor are connected by a bus, wherein:
    所述接收装置,用于接收服务GPRS支持节点SGSN发送的用户设备UE的标识;The receiving device is configured to receive an identifier of the user equipment UE that is sent by the serving GPRS support node SGSN;
    所述处理器,用于根据所述UE的标识确定所述UE为第一类型UE;The processor is configured to determine, according to the identifier of the UE, that the UE is a first type UE;
    所述发送装置,用于向所述SGSN发送UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE。The sending device is configured to send the UE type indication information to the SGSN, where the UE type indication information is used to indicate that the UE is a first type UE.
  46. 一种GPRS系统,其特征在于,所述GPRS系统包括服务GPRS支持节点SGSN设备、用户设备UE和归属位置寄存器HLR/归属签约系统HSS,其中:A GPRS system, characterized in that the GPRS system comprises a serving GPRS support node SGSN device, a user equipment UE and a home location register HLR/home subscription system HSS, wherein:
    所述SGSN设备用于:接收UE发送的请求消息,从HLR/HSS获取认证向量,所述认证向量包含第一加密密钥和第一完整性密钥,若所述SGSN确定所述UE为第一类型UE,则为所述UE选择一种加密算法和一种完整性算法,将所选择的加密算法和完整性算法发送给所述UE,并根据所述第一加密密钥和所述第一完整性密钥,获得第二加密密钥和第二完整性密钥;The SGSN device is configured to: receive a request message sent by the UE, and obtain an authentication vector from the HLR/HSS, where the authentication vector includes a first encryption key and a first integrity key, if the SGSN determines that the UE is the first a type of UE, selecting an encryption algorithm and an integrity algorithm for the UE, sending the selected encryption algorithm and integrity algorithm to the UE, and according to the first encryption key and the first An integrity key, obtaining a second encryption key and a second integrity key;
    所述UE用于:向SGSN发送请求消息,接收所述SGSN发送的加密算法和完整性算法,并根据所述第一加密密钥和所述第一完整性密钥,获取所述第二加密密钥和所述第二完整性密钥;The UE is configured to: send a request message to the SGSN, receive an encryption algorithm and an integrity algorithm sent by the SGSN, and acquire the second encryption according to the first encryption key and the first integrity key. a key and the second integrity key;
    其中,所述第二加密密钥和所述加密算法用于对所述SGSN和所述UE之间传输的消息进行机密性保护,所述第二完整性密钥和所述完整性算法用于对所述SGSN和所述UE之间传输的消息进行完整性保护。The second encryption key and the encryption algorithm are used to perform confidentiality protection on a message transmitted between the SGSN and the UE, where the second integrity key and the integrity algorithm are used. Performing integrity protection on messages transmitted between the SGSN and the UE.
  47. 根据权利要求46所述的GPRS系统,其特征在于,所述HLR/HSS用于: The GPRS system of claim 46 wherein said HLR/HSS is for:
    接收所述SGSN发送的所述UE的标识;Receiving an identifier of the UE sent by the SGSN;
    根据所述UE的标识确定所述UE为第一类型UE;Determining, according to the identifier of the UE, that the UE is a first type UE;
    向所述SGSN发送UE类型指示信息,所述UE类型指示信息用于指示所述UE为第一类型UE。 Sending UE type indication information to the SGSN, where the UE type indication information is used to indicate that the UE is a first type of UE.
PCT/CN2015/076118 2015-04-08 2015-04-08 Gprs system key enhancement method, sgsn device, ue, hlr/hss and gprs system WO2016161583A1 (en)

Priority Applications (10)

Application Number Priority Date Filing Date Title
EP18209789.9A EP3518569B1 (en) 2015-04-08 2015-04-08 Gprs system key enhancement method, sgsn device, ue, hlr/hss and gprs system
PCT/CN2015/076118 WO2016161583A1 (en) 2015-04-08 2015-04-08 Gprs system key enhancement method, sgsn device, ue, hlr/hss and gprs system
RU2017135480A RU2683853C1 (en) 2015-04-08 2015-04-08 Method for improving gprs key, sgsn device, user device, hlr / hss and gprs system
BR112017020874-1A BR112017020874A2 (en) 2015-04-08 2015-04-08 key improvement method of gprs system, sgsn device, eu, hlr / hss and gprs system.
JP2017552875A JP6504630B2 (en) 2015-04-08 2015-04-08 GPRS system key reinforcement method, SGSN device, UE, HLR / HSS, and GPRS system
CN201580055450.3A CN107079293A (en) 2015-04-08 2015-04-08 A kind of enhanced method of gprs system key, SGSN equipment, UE, HLR/HSS and gprs system
CA2979898A CA2979898A1 (en) 2015-04-08 2015-04-08 Gprs system key enhancement method, sgsn device, ue, hlr/hss and gprs system
KR1020177027640A KR101929699B1 (en) 2015-04-08 2015-04-08 GPRS system key enforcement method, SGSN device, UE, HLR / HSS, and GPRS system
EP15888140.9A EP3258718B1 (en) 2015-04-08 2015-04-08 Gprs system key enhancement method, sgsn device, ue, hlr/hss and gprs system
US15/727,027 US20180034635A1 (en) 2015-04-08 2017-10-06 GPRS System Key Enhancement Method, SGSN Device, UE, HLR/HSS, and GPRS System

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2015/076118 WO2016161583A1 (en) 2015-04-08 2015-04-08 Gprs system key enhancement method, sgsn device, ue, hlr/hss and gprs system

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US15/727,027 Continuation US20180034635A1 (en) 2015-04-08 2017-10-06 GPRS System Key Enhancement Method, SGSN Device, UE, HLR/HSS, and GPRS System

Publications (1)

Publication Number Publication Date
WO2016161583A1 true WO2016161583A1 (en) 2016-10-13

Family

ID=57071675

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/076118 WO2016161583A1 (en) 2015-04-08 2015-04-08 Gprs system key enhancement method, sgsn device, ue, hlr/hss and gprs system

Country Status (9)

Country Link
US (1) US20180034635A1 (en)
EP (2) EP3258718B1 (en)
JP (1) JP6504630B2 (en)
KR (1) KR101929699B1 (en)
CN (1) CN107079293A (en)
BR (1) BR112017020874A2 (en)
CA (1) CA2979898A1 (en)
RU (1) RU2683853C1 (en)
WO (1) WO2016161583A1 (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3371950B1 (en) * 2015-11-02 2021-03-03 Telefonaktiebolaget LM Ericsson (PUBL) Wireless communications
US10797859B2 (en) * 2018-03-22 2020-10-06 Arm Limited Low area optimization for NB-IoT applications
WO2021196047A1 (en) * 2020-03-31 2021-10-07 华为技术有限公司 Key processing method and apparatus
CN116018392A (en) 2020-07-23 2023-04-25 雪佛龙奥伦耐有限责任公司 Succinimide dispersants post-treated with heteroaromatic glycidyl ethers exhibiting good soot handling properties
JP2023535415A (en) 2020-07-23 2023-08-17 シェブロン・オロナイト・カンパニー・エルエルシー Aromatic glycidyl ether post-treated succinimide dispersants exhibiting good soot disposal performance
JP2023541435A (en) 2020-09-14 2023-10-02 シェブロンジャパン株式会社 Lubricating oil containing alkylphosphonic acid
WO2022074547A1 (en) 2020-10-05 2022-04-14 Chevron Japan Ltd. Friction modifier system
CA3197324A1 (en) 2020-10-05 2022-04-14 Chevron Oronite Company Llc Ashless additive composition
US11843689B2 (en) * 2021-08-06 2023-12-12 Samsung Electronics Co., Ltd. Methods and systems for reducing propagation delays in hardware implementation of ZUC cryptographic algorithms
WO2023156989A1 (en) 2022-02-21 2023-08-24 Chevron Oronite Company Llc Lubricating oil composition
WO2023191886A1 (en) 2022-03-31 2023-10-05 Chevron Oronite Company Llc Ashless additive composition

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1845600A (en) * 2006-05-17 2006-10-11 中国移动通信集团公司 Method and system for realizing user key arrangement in mobile broadcast television service
CN101123778A (en) * 2007-09-29 2008-02-13 大唐微电子技术有限公司 Network access authentication method and its USIM card
CN102790810A (en) * 2012-07-18 2012-11-21 大唐移动通信设备有限公司 IP (internet protocol) address allocation method and device

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1798910B1 (en) * 2005-12-16 2011-07-06 Vodafone Group PLC Method of requesting and sending authentification vectors
CN101399767B (en) * 2007-09-29 2011-04-20 华为技术有限公司 Method, system and apparatus for security capability negotiation during terminal moving
US9084110B2 (en) * 2010-04-15 2015-07-14 Qualcomm Incorporated Apparatus and method for transitioning enhanced security context from a UTRAN/GERAN-based serving network to an E-UTRAN-based serving network
US20110312299A1 (en) * 2010-06-18 2011-12-22 Qualcomm Incorporated Methods and apparatuses facilitating synchronization of security configurations

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1845600A (en) * 2006-05-17 2006-10-11 中国移动通信集团公司 Method and system for realizing user key arrangement in mobile broadcast television service
CN101123778A (en) * 2007-09-29 2008-02-13 大唐微电子技术有限公司 Network access authentication method and its USIM card
CN102790810A (en) * 2012-07-18 2012-11-21 大唐移动通信设备有限公司 IP (internet protocol) address allocation method and device

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
"TS 33. 102 V12.2.0", TECHNICAL SPECIFICATION GROUP SERVICES AND SYSTEM ASPECTS; 3G SECURITY; SECURITY ARCHITECTURE (RELEASE 12, 31 December 2014 (2014-12-31), XP050927284 *
See also references of EP3258718A4 *

Also Published As

Publication number Publication date
EP3518569A1 (en) 2019-07-31
JP6504630B2 (en) 2019-04-24
CN107079293A (en) 2017-08-18
EP3258718B1 (en) 2018-12-19
RU2683853C1 (en) 2019-04-02
EP3258718A4 (en) 2017-12-20
CA2979898A1 (en) 2016-10-13
EP3518569B1 (en) 2020-04-08
KR20170125381A (en) 2017-11-14
JP2018516483A (en) 2018-06-21
KR101929699B1 (en) 2018-12-14
US20180034635A1 (en) 2018-02-01
BR112017020874A2 (en) 2018-07-17
EP3258718A1 (en) 2017-12-20

Similar Documents

Publication Publication Date Title
WO2016161583A1 (en) Gprs system key enhancement method, sgsn device, ue, hlr/hss and gprs system
CN103560879B (en) A kind of light-weight authentication and the implementation method of key agreement
CN103596173B (en) Wireless network authentication method, client and service end wireless network authentication device
JP2021193800A (en) Security arrangement in communication between communication device and network device
KR101485230B1 (en) Secure multi-uim authentication and key exchange
KR101490214B1 (en) Systems and methods for encoding exchanges with a set of shared ephemeral key data
CN103415008A (en) Encryption communication method and encryption communication system
CN101512537A (en) Method and system for secure processing of authentication key material in an Ad Hoc Wireless Network
KR101297648B1 (en) Authentication method between server and device
US10212140B2 (en) Key management
EP2879421A1 (en) Terminal identity verification and service authentication method, system, and terminal
US10505722B2 (en) Shared secret communication system with use of cloaking elements
CN109309566B (en) Authentication method, device, system, equipment and storage medium
TWI568234B (en) Anonymity authentication method for global mobility networks
CN112602290B (en) Identity authentication method and device and readable storage medium
CN107950003B (en) Method and device for dual-user authentication
Leu et al. Improving security level of LTE authentication and key agreement procedure
CN115868189A (en) Method, vehicle, terminal and system for establishing vehicle safety communication
EP3471365A1 (en) Key acquisition method and apparatus
CN102026184B (en) Authentication method, authentication system and relevant device
CN115412909A (en) Communication method and device
KR101625554B1 (en) System and method for authentication and key agreement
Tayade et al. Quantum based flexible secure authentication protocol (SAP) for device to device (D2D) communication
CN112640506B (en) Bluetooth node pairing method and related device
Sudarsono et al. An Implementation of Secure Monitoring System to Track Member in A Tour Group Using Group Signature

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15888140

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2979898

Country of ref document: CA

REEP Request for entry into the european phase

Ref document number: 2015888140

Country of ref document: EP

ENP Entry into the national phase

Ref document number: 20177027640

Country of ref document: KR

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 2017135480

Country of ref document: RU

ENP Entry into the national phase

Ref document number: 2017552875

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

REG Reference to national code

Ref country code: BR

Ref legal event code: B01A

Ref document number: 112017020874

Country of ref document: BR

ENP Entry into the national phase

Ref document number: 112017020874

Country of ref document: BR

Kind code of ref document: A2

Effective date: 20170928